How to configure DKIM

I am configure my DKIM but still when i will checking origin massage it’s not showing DKIM signed.
When i was checked on “https://dkimvalidator.com/results” it’s showing " DKIM Information:

DKIM Signature

This message does not contain a DKIM Signature"

Please help

Hello and welcome to the community. Tell us what your system config is and which version of Webmin + Virtualmin you have installed. Also, have you enabled DKIM via Virtualmin | Email Settings | DomainKeys Identified Mail or in some other way. If the former, have got the radio button for Signing of outgoing mail enabled?

Thanks carport for the reply. Please find the below detail as you required.

Webmin version 1.942
Virtualmin version 6.09
Yes i have enabled DKIM via Virtualmin | Email Settings | DomainKeys Identified Mail also DKIM text is available in to my DNS.

Habe you configred glue records for virtualmin system correctly at your registrar?
Is your virtualmin system actually being used as a nameserver by outside dns lookups?

The simplest way to do this is to add dkim at domain registrar and use their dns hosting

If you want to use virtualmin dns internally, it requires you to register your virtualmin system as a nameserver by adding glue records at registrar for your Virtualmin host.domain.com (the vps itself). Once its resolving correctly, and your dkim is correct, it should work if its enabled in virtualmin for each domain/virtual server.

I dont use dkim, you dont really need it. Just use spf and dmarc at dns…thats all you need (along with ssl obviously)

@adamjedgar So for me, on domains.google.com I currently have a TLSA type record for my Virtualmin served domains to implement DKIM verification for Mailgun because I send out all mail through them. I did that because I’m still too cheap to buy a Static IP, and couldn’t figure a way to get mail to leave my server without doing the Mailgun type thing.

I used to have glue records at domains.google.com but I got rid of them when I realized I had a way to automate my DHCP address changes.

Since the glue records are static there, I cannot use Virtualmin to implement DKIM / DANE type authentication unless I manually alter the IP of the glue records at each Dynamic IP change, right?

There remains a quirk / bug in Virtualmin that requires in /etc/opendkim.conf the following to be set:

Socket inet:8891@localhost
#Socket local:/var/run/opendkim/opendkim.sock

You need to just transpose the # between the two lines. Bug occurs ion new installs of Ubuntu 18 LTS.

Also check if these are in /etc/postfix/main.cf:

smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891

Add them if they are not there. Be careful about the ports, the numbers might vary slightly for different installs of Virtualmin.

1 Like

@calport you nailed it. Now I have a bunch of TLSA records in each Virtual Server’s DNS Records.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.