I installed the DKIM patch from GIT on my slave server, however the keys never seem to sync. Even though it is setup as RELAY RECIPIENTS for many domains. /var/lib/amavis/dkim is totally empty on my slave server. Am I doing something wrong??
There is not a difference between a single- and multi-server-setup. Install the patch (and amavis) on all servers. Did ou create the mail-domains on your slave-server or ift this a mirror for the mail-domains? Did you adjust the dkim-settings for the slave under server / serverconfiguration / email? Is the plugin enables? Check /usr/local/ispconfig/server/plugins-enabled Is amavis configured on your slave? You can also set the log-level for the slave to debug to get a littlebit more output.
Yes I installed it the same way. Yes this slave server is supposed to mirror the mail domains as it is backup MX server. I tried but it said Duplicate Domain. The domains are listed under EMAIL -> EMAIL RECIPIENTS on that slave server. No, I never had to on the first server to make it work. I'll attach an image of my settings Yes, I performed the manual install. yes , mail_plugin_dkim.inc.php is there. Yes I used the same perfect debian 7 guide for both. I will do that.
If you set server2 as mirror of server1, both servers has the same data. If you add server2 to an existing setup, you must resync the data (this inserts the data for the maildomains into the server2). The dkim-keys are created in the interface - that´s different to ssl-keys for websites (the will be create by the server-plugin).
YEs I understand that, which is why it is not a mirror. My first server is my dedicated webserver,NS1,MX(10). My second server(the slave) is my dedicated MYSQL server which also servers as NS2, and MX(20) for a my domains. What I really want to do is only mirror mail on my slave server. I've used the resync tool several times now. I've resynced everything, several times now. Is that enough? YEs, I see. Do your scripts use SSH to sync data?? That's probably the only thing I've changed since the base install. I changed the SSH port to 2222 and removed the root account from SSH access. Installed fail2ban and the jails(added both server's CIDRs to whitelist). And created IPTABLES rules to exclude connections from RU and CN IP ranges. Disabled IPv6 in bind, interfaces, etc. Installed the DKIM patch. And that is about it. I don't imagine anything else I may have done that might affect this other than SSH if your scripts use it to connect.
Ispconfig uses mysql-connctions to "send" data to the slave. If you have a mailldomain on server2 (with server_id 2) you see the dkim-key in the table mail_domain on the master and the slave. If you can´t see the record on the slave you either made an error during setup or the slave can´t get "it´s" data from the master. This has nothing todo with dkim. The pacth is just a backport to provide this feature for versions < 3.1. I use this on severl servers (single-server and multi-server) without such an error. If you can´t fix this yourself you can also contact me be mail an provide access to your server.
But you can't assign the same email domain name on both the master and the slave. When you try to do it, you get ERROR: DUPLICATE DOMAIN. So what do I need to put into the control panel so that my DKIM keys from Server A will replicate on SERVER B.
Of course not. But server2 can be a mirror of server1. I don´t know why you want the same domain on two servers and don´t use a simple mirror-setup-
Because MIRROR will MIRROR EVERYTHING. That means that I would need to purchase and install another 4TB raid array for that secondary server to handle the space required to mirror EVERYTHING on server A. Two TB of RAID seems to be good enough on my slave server for databases, secondary MX and Secondary NS services only.
If this was a virtualized environment it would double your costs to recreate everything on another server. You should be able to mirror just the services you need on a slave so you don't need to pay for a duplicate environment.
The mirror-function does not replicate any "real data"; just the config used by ispconfig. If you mirror web and mail but do not want web on the mirror, just don´t relicated the web-dirs. Ispconfig will not copy-over any data. Backup to maildomains: you can run a domain on one server (or more if you use a mirror-setup. nothing more, nothing less.
If I select mirror at this moment, what will happen to the databases on the slave will they be erased??
This option affects only new configuration data, not existing one. That's why it should not be set before the first data gets added to any of the involved servers.
I think Mirror is probably the wrong word for that option. Those of us think of a true 1:1 copy when we hear the word mirror.
