I have enabled DomainKeys identified Mail and everything seems to go well. Virtualmin enables it without any error and creates the dns record.
I use cloudflare and I create the same record for dkim. I have tried to use quotes without and many other solutions that I find on the internet but none seems to work.
I think there is non need to put them there. By default belong to the
Domains currently signed for
Vistualmin creates the appropriate records for these domains
I have checked it and it is named as created by virtualmin
I also tried to change the selector but it is stuck to the initial value in the signed emails, so I have changed it back.
Another clue is that it is not possible to generate a new key.
The key always remains the same.
I am not sure if this is the normal behavior but in the mail.log
there are lines
DKIM-Signature field added …
also the signature exist when checking the mails but it is not valid .
And for sure virtualmin cannot generate a new signature.
It always display the same signature.
and the same applies for the selector. It is not possible to change it.
All these define a misbehavior of DKIM.
Changing the selector is not relevant here. When you copy and paste the key into cloudflare make sure you are doing it correctly as they allow.
There should be instructions on their end on how to do it.
In most cases you need to make sure all quotes are removed and from where the key itself starts make sure all quotes and spaces are removed.
If the opendkim is showing that it is adding the key to all domains with no errors in mail.log than the first place to look for problems is at the dns level.
You can also check by sending an email from one account on the virtualserver to another and view the headers from your end in read user mail.
Thank you cyberndt for your reply,
I just mentioned about the selector to state that Dkim scripts have more than one issue. I have checked the logs and cannot find any errors.
The signature is present tot the outgoing emails and I have checked.
The problem is that all the mail checker programs state the signature is invalid.
Indeed I use Cloudflare and I am very careful to delete an quotes and spaces but with no luck.
I use dkim signatures from other cps into cloudflare which they work without any issues.
I have also removed opendkim and reinstalled it, cleared any dkim key and recreate them.
It seems that the dkim always generates the same private and public keys which for sure states a malfunction.
I guess that it does not generates properly the key and indeed is not valid, but I cannot find any way to generate a new different key.
I also noticed that the opendkim version which is used is a beta version.
I will try to built a fresh server and see if I have the same issues.
I have deleted all the DNS records for this domain and copied the dkim key from “suggested DNS Records” field and worked.
I have copied the key from “v=DKIM1; …”. I have kept all quotes spaces as there were.
Maybe at the DNS Record Edit field the txt editor was adding or altering any character.
Thank you all for your replies.
the quotes and space between quotes do not work in my dns server, you need to remove them.
If you use mxtoolbox you should be able to match what the key should be and what is being seen in the txt record. The only quotes you should have in the txt record is the leading and ending and no spaces.