DKIM private key, permissions?

Discussion in 'ISPConfig 3 Priority Support' started by Taleman, Sep 20, 2019.

  1. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    I'm testing e-mail server and created DKIM keys with ISPConfig. I discovered the private key is automatically set up so Amavis can use it, but noticed the file permissions for the file allow reading for others. Should it be only owner and group can read since I assume the private part of the key must be kept secret.
    Code:
    # ls -lh /var/lib/amavis/dkim/
    total 8.0K
    -rw-r--r-- 1 amavis amavis 1.7K Aug 29 19:04 taleman.ovh.private
    -rw-r--r-- 1 amavis amavis  451 Aug 29 19:04 taleman.ovh.public
    
    I did chmod o-r to the .private file.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    If it still works after you restarted amavis, then we should change the default indeed.
     
  3. florian030

    florian030 Well-Known Member HowtoForge Supporter

    You don't need this. See the permissions for /var/lib/amavis:
    Code:
    drwxr-x---  7 amavis       amavis       4096 Sep 20 10:36 amavis
    
     

Share This Page