Hi people, A few months ago I configured DKIM with opendkim, and everything worked like a charm, also spf and dmarc. The DNS was on a different server, so when yesterday I decided to reconfigure the whole server, I just backup the DKIM private key. So yesterday I made a clean ISPConfig 3.1 install. I configured all the domains, enabled DKIM on the main domain inserting the old DKIM private key, but this doesn't look to work, DKIM doesn't appear in the original message, even if (of course) SPF and DMARC still work. Now I'd like to understand why this is not working, but I don't know where to look, since that /var/log/mail.log doesn't seem to have any indications about this. Can somebody help me? Am I missing something? Thanks! These are the headers of a test message: Code: Delivered-To: [email protected] Received: by 10.25.16.97 with SMTP id f94csp953802lfi; Sun, 10 Apr 2016 00:22:51 -0700 (PDT) X-Received: by 10.194.92.107 with SMTP id cl11mr19584706wjb.21.1460272971429; Sun, 10 Apr 2016 00:22:51 -0700 (PDT) Return-Path: <[email protected]> Received: from server1.mydomain.tld (server1.mydomain.tld. [46.xxx.xxx.xxx]) by mx.google.com with ESMTPS id h84si11829115wme.92.2016.04.10.00.22.51 for <[email protected]> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 10 Apr 2016 00:22:51 -0700 (PDT) Received-SPF: pass (google.com: domain of [email protected] designates 46.xxx.xxx.xxx as permitted sender) client-ip=46.xxx.xxx.xxx; Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 46.xxx.xxx.xxx as permitted sender) [email protected]; dmarc=pass (p=QUARANTINE dis=NONE) header.from=mydomain.tld Received: from localhost (localhost.localdomain [127.0.0.1]) by server1.mydomain.tld (Postfix) with ESMTP id D0F9C20DAC for <[email protected]>; Sun, 10 Apr 2016 03:22:50 -0400 (EDT) X-Virus-Scanned: Debian amavisd-new at server1.mydomain.tld Received: from server1.mydomain.tld ([127.0.0.1]) by localhost (server1.mydomain.tld [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4l8HznAn4LF4 for <[email protected]>; Sun, 10 Apr 2016 03:22:50 -0400 (EDT) Received: from mail-ig0-f177.google.com (mail-ig0-f177.google.com [209.85.213.177]) (Authenticated sender: [email protected]) by server1.mydomain.tld (Postfix) with ESMTPSA id C93542097F for <[email protected]>; Sun, 10 Apr 2016 03:22:49 -0400 (EDT) Received: by mail-ig0-f177.google.com with SMTP id ui10so48372907igc.1 for <[email protected]>; Sun, 10 Apr 2016 00:22:49 -0700 (PDT) X-Gm-Message-State: AD7BkJJhDmFeTkzmEqjKw98ioK3zPih8CR9yZd6SjDgKNpR+Br7nbODU8MVjldUd2mREGo/UxG5Zc8vkj8f7+Q== MIME-Version: 1.0 X-Received: by 10.50.66.210 with SMTP id h18mr11775091igt.68.1460272968650; Sun, 10 Apr 2016 00:22:48 -0700 (PDT) Received: by 10.64.64.42 with HTTP; Sun, 10 Apr 2016 00:22:48 -0700 (PDT) Date: Sun, 10 Apr 2016 09:22:48 +0200 X-Gmail-Original-Message-ID: <CAKAN_hD9C4iPDCNV5C-9w+FxzXrRp+cXpuHwHASqL_ymbhXRvg@mail.gmail.com> Message-ID: <CAKAN_hD9C4iPDCNV5C-9w+FxzXrRp+cXpuHwHASqL_ymbhXRvg@mail.gmail.com> Subject: test From: "Me | mydomain.tld" <[email protected]> To: [email protected] Content-Type: multipart/alternative; boundary=047d7bdca468926f9f05301c4b37 --047d7bdca468926f9f05301c4b37 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
I just checked this on my dev-server. I did not send-out any mails but the amavis-config was updated and the keys are written to the disk. Did you enable DKIM for the domains? Please check /etc/amavis/conf.d/60-dkim to see the stored keys
I wasn't enabled to reply, now I can reply, 60-dkim looks correct, it stores the correct private key path.
changed smtpd_sender_restrictions to Code: check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, check_sender_access regexp:/etc/postfix/tag_as_foreign.re