Dkim in Virtualmin

I note the following in virtualmin docs…

Only virtual servers that have both the DNS and email features enabled will have DKIM activated, as the mail server needs to be setup to use a private signing key whose corresponding public key is added to DNS.

i dont understand this…we can manually add the key to externally hosted dns?

how do we configure this when dns is not hosted by this virtualmin system but by the domain registrars?

Presumably you’d be able to manually copy it from the Virtualmin server’s zone file. Or possibly you could set the registrar up as a secondary server and do zone transfers from Virtualmin.

I got the feeling that the dkim function doesnt work…so does it work if dns for domain in virtualmin is disabled? I am not really familiar with how dkim actually works?

I guess i need to read up on it.

It should work if hostname / mailserver has dkim and dns enabled.
( If external dns then keep dns enabled for hostname mailserver to have it work and copy the dkim key to external dns)

So if using mailsettings for hostname/ mailserver and not using domains mail but for them using hostname/mailserver in mx records, you should copy the dkim key ( from mail/hostname server) to that external dns also.

Then it works.

Only some bugs i think in versions we use , and take care of some dovecot after changing / ad virtualservers.

Should be solved now or near future as you can read in commits in github for virtualmin / webmin.

We are using the most simple settings / config , so not having mail / mx for domains themselves, but mx pointing to hostname/mailserver as before sni times.

Postfix need such while not supporting sni on 1 ip, then i think personally makes no sense to have dovecot working / configured different then that.

If you have for domains own IP yup then…

If you generate external dkim you have to copy that to virtualmin for those mx record domain, we don’t use that so don’t know…