Author Topic: DKIM record not generated  (Read 5697 times)

0 Members and 3 Guests are viewing this topic.

Offline
*
DKIM record not generated
« on: March 14, 2022, 10:26:50 AM »
I have 3 servers with CWP (2x centos 7 and 1x centos 8 stream delayed), the Centos 8 is my most recent server, I think I configure everything correctly but the cwp is not generating a DKIM record for new domains added.

I use cloudflare go manage the dns, usually I add a new domain it created the dns records locally and I copy the values to cloudflare, but on my new server the DKIM record is never created.

I already rebuild multiple times the mail server, I tried to go to Email -> DKIM manager and "Add DKIM" but it never adds a dkim record, it show a success message but don't do nothing.
When I add a new domain in the other server if I go to Dkim Manager I get all columns green, in the new server I get
TrustedHosts = Red   
KeyTable = Red
v=DKIM1 = Green
v=spf1 = Green

I already tried do add the domain to /etc/opendkim/TrustedHosts manually and in that case I can turn TrustedHosts to green, but the dkim record is never generated. I saw that the /etc/opendkim/userkeys/ folder don't even exist I have a /etc/opendkim/keys/ but it's empty, I tried to create that folder but even after rebuild mailserver it still empty.

Please any tips to solve this problem

Offline
***
Re: DKIM record not generated
« Reply #1 on: March 14, 2022, 10:42:04 AM »
yeah... if you have to manually edit DKIM configuration files then the setup is now custom.

When you rebuild the mail server with DKIM/SPF checked, you would probably need to rebuild all DNS records. Simplest way is to run this command after completing rebuilding the mail server:
Code: [Select]
/usr/local/cwp/php71/bin/php /scripts/cwp_api account rebuild_var_named_all
After that, run this command to manually confirm that DKIM values has been added to your DNS records:
Code: [Select]
grep --include=\*.{db,} -rnw '/var/named/' -e 'default._domainkey'
If the last command shows good results then your DKIM is fine. The only step left is to confirm it really working by sending an email to:
https://www.mail-tester.com/
« Last Edit: March 14, 2022, 10:43:50 AM by iraqiboy90 »

Offline
*
Re: DKIM record not generated
« Reply #2 on: March 14, 2022, 11:04:47 AM »
yeah... if you have to manually edit DKIM configuration files then the setup is now custom.

When you rebuild the mail server with DKIM/SPF checked, you would probably need to rebuild all DNS records. Simplest way is to run this command after completing rebuilding the mail server:
Code: [Select]
/usr/local/cwp/php71/bin/php /scripts/cwp_api account rebuild_var_named_all
After that, run this command to manually confirm that DKIM values has been added to your DNS records:
Code: [Select]
grep --include=\*.{db,} -rnw '/var/named/' -e 'default._domainkey'
If the last command shows good results then your DKIM is fine. The only step left is to confirm it really working by sending an email to:
https://www.mail-tester.com/
Unfortunately the command don't do nothing, in the other servers I have many results with running the second command but in this server don't show nothing

Offline
****
Re: DKIM record not generated
« Reply #3 on: March 14, 2022, 07:53:57 PM »
Is the opendkim service running?

systemctl status opendkim
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: DKIM record not generated
« Reply #4 on: March 14, 2022, 09:55:34 PM »
Is the opendkim service running?

systemctl status opendkim
Yes it's running I already start and stop many times.

It's really strange I don't get any error it simply not generate any dkim record.

Offline
****
Re: DKIM record not generated
« Reply #5 on: March 15, 2022, 12:47:44 AM »
Please post the results of the following command.

journalctl -xeu opendkim
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: DKIM record not generated
« Reply #6 on: March 15, 2022, 09:31:04 AM »
This is the result of journalctl -xeu opendkim coomand

Code: [Select]
Mar 14 11:34:04 moon.noop.pt systemd[1]: opendkim.service: Succeeded.
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- The unit opendkim.service has successfully entered the 'dead' state.
Mar 14 11:34:04 moon.noop.pt systemd[1]: Stopped DomainKeys Identified Mail (DKIM) Milter.
-- Subject: Unit opendkim.service has finished shutting down
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- Unit opendkim.service has finished shutting down.
Mar 14 11:34:04 moon.noop.pt systemd[1]: Starting DomainKeys Identified Mail (DKIM) Milter...
-- Subject: Unit opendkim.service has begun start-up
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- Unit opendkim.service has begun starting up.
Mar 14 11:34:05 moon.noop.pt systemd[1]: Started DomainKeys Identified Mail (DKIM) Milter.
-- Subject: Unit opendkim.service has finished start-up
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- Unit opendkim.service has finished starting up.
--
-- The start-up result is done.
Mar 14 11:34:18 moon.noop.pt systemd[1]: Reloading DomainKeys Identified Mail (DKIM) Milter.
-- Subject: Unit opendkim.service has begun reloading its configuration
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- Unit opendkim.service has begun reloading its configuration
Mar 14 11:34:18 moon.noop.pt systemd[1]: Reloaded DomainKeys Identified Mail (DKIM) Milter.
-- Subject: Unit opendkim.service has finished reloading its configuration
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- Unit opendkim.service has finished reloading its configuration
--
-- The result is done.

This is really a strange problem, and I need to fix it but have no ideas for more things to test

Offline
***
Re: DKIM record not generated
« Reply #7 on: March 15, 2022, 09:48:40 AM »
I just got a hunch here, but can you run this command and post the entire result here. Also please tell us at what date did you install CWP.

Code: [Select]
dnf history info opendkim

Offline
*
Re: DKIM record not generated [Solved]
« Reply #8 on: March 15, 2022, 10:16:15 AM »
I just got a hunch here, but can you run this command and post the entire result here. Also please tell us at what date did you install CWP.

Code: [Select]
dnf history info opendkim

I already reinstall the opendkim it's installed.
But after I compare the commands on the forlder "/usr/sbin/" of the working server and the current server I found something missing, in the current server I don't have the commands:
opendkim-genkey
opendkim-genzone
opendkim-testkey
opendkim-testmsg

I search a little and found that the "opendkim-tools" was not installed I run dnf install opendkim-tools to install it then rebuild the mail server and generate again the dkim for all domains and its WORKING  ;D

This server is mostly for backups and development and I'm testing Centos 8 Stream, I think at the moment the most important things are working, very soon I will get a new production server and will use Centos 8 Stream again I will check if this is a problem with the instalation on CWP or if is only something that fail during the installation on this server

Thank you iraqiboy90 and rcschaff

Offline
***
Re: DKIM record not generated [Solved]
« Reply #9 on: March 15, 2022, 12:01:55 PM »
Glad I could be of help leading you to solving the problem, but I just checked my centos 8 stream server and I have a working DKIM manager without opendkim-tools installed.

And I also don't have those files you're talking about:
Code: [Select]
[root@pmail ~]# ll /usr/sbin/*dkim*
-rwxr-xr-x 1 root root 227856 Feb 24 05:14 /usr/sbin/opendkim
-rwxr-xr-x 1 root root   1430 Feb 24 05:14 /usr/sbin/opendkim-default-keygen
-rwxr-xr-x 1 root root  14498 Feb 24 05:14 /usr/sbin/opendkim-reportstats

These are the only things that got installed by CWP when DKIM got installed:
Code: [Select]
User           : root <root>
Return-Code    : Success
Releasever     : 8
Command Line   : --enablerepo=epel -y install opendkim libopendkim perl-Mail-DKIM perl-Mail-SPF pypolicyd-spf
Comment        :
Packages Altered:
    Install libmemcached-libs-1.0.18-17.el8.x86_64               @appstream
    Install python3-pip-9.0.3-22.el8.noarch                      @appstream
    Install python36-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64 @appstream
    Install sendmail-milter-8.15.2-34.el8.x86_64                 @appstream
    Install python3-setuptools-39.2.0-6.el8.noarch               @baseos
    Install libbsd-0.9.1-4.el8.x86_64                            @epel
    Install libopendkim-2.11.0-0.17.el8.x86_64                   @epel
    Install opendbx-1.4.6-21.el8.x86_64                          @epel
    Install opendkim-2.11.0-0.17.el8.x86_64                      @epel
    Install pypolicyd-spf-2.0.2-7.el8.noarch                     @epel
    Install python3-py3dns-3.2.1-1.el8.noarch                    @epel
    Install python3-pyspf-2.0.14-8.el8.noarch                    @epel
« Last Edit: March 15, 2022, 12:08:17 PM by iraqiboy90 »

Offline
*
Re: DKIM record not generated
« Reply #10 on: March 15, 2022, 06:19:38 PM »
It's a little strange I only make it work after I install opendkim-tools,
Now I have this
Code: [Select]
[root@mercury ~]#  ll /usr/sbin/*dkim*
-rwxr-xr-x 1 root root 162104 Dec 21  2016 /usr/sbin/opendkim
-rwxr-xr-x 1 root root   1430 Dec 21  2016 /usr/sbin/opendkim-default-keygen
-rwxr-xr-x 1 root root   6445 Dec 21  2016 /usr/sbin/opendkim-genkey
-rwxr-xr-x 1 root root  68280 Dec 21  2016 /usr/sbin/opendkim-genzone
-rwxr-xr-x 1 root root  14498 Dec 21  2016 /usr/sbin/opendkim-reportstats
-rwxr-xr-x 1 root root  72688 Dec 21  2016 /usr/sbin/opendkim-testkey
-rwxr-xr-x 1 root root  15640 Dec 21  2016 /usr/sbin/opendkim-testmsg

And this was what I have in all other servers with Centos 7 only the one with Centos 8 was missing some commands and start working after I install it.

Offline
***
Re: DKIM record not generated
« Reply #11 on: March 15, 2022, 07:53:50 PM »
why are your files dated 2016? Did you have this centos 8 server since then and you installed CWP on it without reinstalling centos 8 first?

Offline
*
Re: DKIM record not generated
« Reply #12 on: March 16, 2022, 09:12:26 AM »
why are your files dated 2016? Did you have this centos 8 server since then and you installed CWP on it without reinstalling centos 8 first?

Yes this is a print from my centos 7 that it now exactly the same of the centos 8, only the dates changed, but here is the files from the correct server:

Code: [Select]
[root@moon ~]# ll /usr/sbin/*dkim*
-rwxr-xr-x 1 root root 227856 Feb 24 05:14 /usr/sbin/opendkim
-rwxr-xr-x 1 root root   1430 Feb 24 05:14 /usr/sbin/opendkim-default-keygen
-rwxr-xr-x 1 root root   6445 Feb 24 05:14 /usr/sbin/opendkim-genkey
-rwxr-xr-x 1 root root  85344 Feb 24 05:14 /usr/sbin/opendkim-genzone
-rwxr-xr-x 1 root root  14498 Feb 24 05:14 /usr/sbin/opendkim-reportstats
-rwxr-xr-x 1 root root  85488 Feb 24 05:14 /usr/sbin/opendkim-testkey
-rwxr-xr-x 1 root root  16760 Feb 24 05:14 /usr/sbin/opendkim-testmsg

All files have the same timestamp this probably is the original creation date of the last opendkim version