DKIM Filtter Issue (Possible Bug in default setup by Virtualmin)

Virtualmin
1

I recently enabled DKIM Signing using Virtualmin, I am now receiving the following errors in my mail log and many website scripts are no longer sending out mail:

Jan 5 05:41:52 pacy01 dkim-filter[18156]: A9EFE700033 no key selected for signing
Jan 5 05:41:52 pacy01 postfix/cleanup[18715]: A9EFE700033: milter-reject: END-OF-MESSAGE from localhost[127.0.0.1]: 4.7.1 Service unavailable - try again later; from=www-data@pacy01.pacyworld.com to=XXXXXX@yahoo.co.uk

I noticed that virtualmin uses “Domain *” in the dkim-filter.conf file. That could be the source of the issue. I think it’s best to list every domain in a separate file and use that instead of including all the domains by default.

I tried adding the following to the dkim-keys.conf file:
*@pacy01.pacyworld.com:pacy01.pacyworld.com:/etc/pacyworld

It fixed some messages except for the ones send by “www-data”. Unfortunately, this file get rewritten every time a new mail domain is added.

2

Please look at the correct setup for multiple domains:

http://www.unibia.com/unibianet/systems-networking/how-setup-domainkeys-identified-mail-dkim-postfix-and-ubuntu-server

Their is no need to specify “Domain *” in the /etc/dkim-filter.conf file.

Anyone having trouble with the virtualmin setup should comment out the above line

/etc/dkim-filter.conf:


#Domain *
KeyFile /etc/dkim.key
Selector pacyworld

Then /etc/inid.d/dkim-filter reload

3

The ''Domain *" line gets uncommented everytime a new domain is added or changed… Is there any way to prevent this from happening?

4

Yeah same problem here… was working fine on Debian 5.0 but on Debian 6.0 I need to comment that Domain * line out. If it gets uncommented on every domain addition I guess I will have to disable the DKIM service for the time being.

5

I can also confirm this behavior in debian squeeze.

To fix it for now, I made a backup of dkim-filter.conf with the uncommented line and created a small script like this:

#!/bin/bash

cp /etc/dkim-filter.conf.bckp /etc/dkim-filter.conf
/etc/init.d/dkim-filter restart

and let it run after domain creation or update -> system settings / virtualmin configuration / Actions upon server and user creation

6

I can also confirm this behavior in debian squeeze.

To fix it for now, I made a backup of dkim-filter.conf with the commented line and created a small script like this:

#!/bin/bash

cp /etc/dkim-filter.conf.bckp /etc/dkim-filter.conf
/etc/init.d/dkim-filter restart

and let it run after domain creation or update -> system settings / virtualmin configuration / Actions upon server and user creation

7

I found the conf file at /etc/mail/dkim-milter/dkim-filter.conf

To restart use /etc/init.d/dkim-milter reload - (not filter)

It seems to work. There is no way this can affect the system negatively?

Thanks

8

can also confirm this…
can this be fixed in the next release?