Hello, I'm considering to patch my ispconfig with this dkim patch: http://blog.schaal-24.de/ispconfig/dkim-patch-1-0/?lang=en (latest version) First, is it safe, by this I mean, any chance it will give my any issues regarding to future updates from ISPConfig. Second, in a multi server setup, do I patch all servers,or mail + master only, or interface (master) only? Would you recommend doing this, or wait for the function to be included in stable version? Im looking forward to hearing your thoughts.
Thats safe, the patch is the backport of the dkim function from ISPConfig 3.1 for ISPConfig 3.0.5.4p8. Mail and master should be enough. It is safe, so if you like to use Dkim then install it.
If you run your own dns, install this patch on the dns-servers, too or alter the database used for ispconfig (dbispconfig) on dns-servers: ALTER TABLE `dns_rr` CHANGE `data` `data` TEXT NOT NULL DEFAULT '';
Could you please explain: I run my own DNS servers (eg. ns1.domain.com and ns2.domain.com) but DNS servers for domain 'domain.com' are not 'ns1.domain.com' and 'ns2.domain.com'. ns1.domain.com and ns2.domain.com are DNS servers for other domains (not 'domain.com'). Should I alter the database on ns1.domain.com (witch is a primary DNS server) and ns2.domain.com (secondary DNS server)?
Just alter the database. If you skip this step, dkim-records may fall due to the limitation in the database.
@florian030 Thank you for your response. I should alter the database both on ns1.domain.com and ns2.domain.com?
@florian030 Thank you again. More questions: 1. Should I follow this: http://blog.schaal-24.de/ispconfig/dkim-patch-1-0/?lang=en procedure on ns1.domain.com and ns2.domain.com AND on server with ISPConfig where 'other-domain.com' is hosted (web and mail) or only on ns.1domain.com and ns2.domain.com? 2. If I follow the procedure from the link above, will it install the latest patch (1.1.9)?
You can use the setup-guide on every server. But if a server runs dns only, it´s enough to alter the databse on this server. Just grab the latest version from my blog (wget blog.schaal-24.de/files/dkim-latest_ispconfig3.tar.gz) or git-server (git clone https://git.schaal-24.de/ispconfig/dkim.git).
@florian030 I followed the procedure from: http://blog.schaal-24.de/ispconfig/dkim-patch-1-0/?lang=en on all three servers and I get an error: 'DKIM disabled for this mail-domaindata_error_empty' on primary DNS server. http://www.mail-tester.com/ says: 'We were not able to retrieve your public key. Please ensure that you inserted your DKIM TXT DNS record on your domain mydomain.com using the selector default.'
Did you alter the database on ns1? Are you running the same ispconfig-version on all servers? Image 1 shows a created dkim-record. You should see the key-pair in the database (mail_domain)
I altered the database on all 3 servers. I said I followed the procedure from the link above on all 3 servers. Yes, the same ISPConfig version is all 3 servers, 3.0.5.4 p8. The first image is from web/mail server, the second one is from a primary DNS server for a domain hosted on web/mail server.
If you are running 3 seperated servers, you must install the patch on each server but you can´t see the records from server 1 on 2 and vice versa. Create DKIM on your mail-server and insert the public-key into your dns-servers.
I don´t know why you run three servers as standalone and not as a multiserver-setup. But this is up to you.... create a dns-record type TXT with the content shown for the public dkim-key for the maildomain (or run amavisd-new showkeys)