We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
DKIM Woes Again
-
- Posts: 83
- Joined: Tue Jan 14, 2014 6:43 am
DKIM Woes Again
Alright So I had to re-install Debian Wheezy 64-bit on my Server and VestaCP as well.
Now no matter what I do whether it's generate dkim keys inside or out of VestaCP no matter what they're not showing up as working when i send an email to [email protected] to check.
DKIM always shows up as permerror.
Help!
Now no matter what I do whether it's generate dkim keys inside or out of VestaCP no matter what they're not showing up as working when i send an email to [email protected] to check.
DKIM always shows up as permerror.
Help!
-
- Posts: 5
- Joined: Mon May 12, 2014 1:18 pm
Re: DKIM Woes Again
I have the same problem on centos. Already found a fix?
I have already tried viewtopic.php?f=12&t=4862&p=11610&hilit=dkim#p11610
but still nothing...
I have already tried viewtopic.php?f=12&t=4862&p=11610&hilit=dkim#p11610
but still nothing...
-
- Posts: 83
- Joined: Tue Jan 14, 2014 6:43 am
Re: DKIM Woes Again
Nope haven't got i working, I should have never installed the new update it ruined the working version I had. :(
-
- Posts: 5
- Joined: Mon May 12, 2014 1:18 pm
Re: DKIM Woes Again
I get the following errors:
DomainKey result: none (no signature)
============================================================
============================================================
DKIM result: permerror (no key)
But I have created the keys and can see them in vestacp dns.
DomainKey result: none (no signature)
============================================================
============================================================
DKIM result: permerror (no key)
But I have created the keys and can see them in vestacp dns.
-
- Posts: 83
- Joined: Tue Jan 14, 2014 6:43 am
Re: DKIM Woes Again
Yeah I've got the key, but vestacp isn't signing the outgoing mail.
-
- Posts: 83
- Joined: Tue Jan 14, 2014 6:43 am
Re: DKIM Woes Again
Ok I think I might have figured out what the issue is with DKIM, apparently VestaCP DKIM generation keeps defaulting DKIM record from mixed upper-case and lower-case DKIM key to just lower-case which the TXT record should have v=DKIM1; before the k=rsa;
I have not found a way to fix this, but that's the problem.
I have not found a way to fix this, but that's the problem.
-
- Posts: 83
- Joined: Tue Jan 14, 2014 6:43 am
Re: DKIM Woes Again
Sorry to double post, but I finally got DKIM working as I said VestaCP keeps turning the DKIM TXT record into lower case instead of mixed upper and lower case. Also the DKIM TXT record needs to start with v=DKIM1 in order to work. What you have to do in most cases is delete and recreate the DKIM record a couple times to get it working properly. Doing so will require you to have the generated DKIM record and key, so you may want to use http://www.port25.com/support/domainkeysdkim-wizard/ to generate your DKIM keys in order to get it working. This is a pain in the proverbial rear.
Re: DKIM Woes Again
Hrmm this is a shame, is there a bug tracker somewhere - what are the chances that this will get sorted in the coming weeks?
Re: DKIM Woes Again
I found that I can't just take the DKIM public key output from Vesta and paste it straight to my DNS record, so I altered mine to work. Here's what I did in my Vesta install to pull the DNS record ready to go, ready to copy and paste to my DNS editor:
/usr/local/vesta/bin/v-list-mail-domain-dkim-dns
Comment out these lines:
By replacing them as:
Then I commented out this line:
Replacing it as:
Next, I changed this line:
To this:
Now I run this from CLI...
And I get a return like this:
Probably more than you need, but to share, I then made this bash script on our central server so that other guys who handle support could pull a DNS record for a client by typing "dkim domainname" in:
/usr/local/vesta/bin/v-list-mail-domain-dkim-dns
Comment out these lines:
Code: Select all
echo -e "\t\"_domainkey\": {"
echo " \"TTL\": \"3600\","
echo " \"TXT\": \"'t=y; o=~;'\""
echo -e "\t},"
Code: Select all
#echo -e "\t\"_domainkey\": {"
#echo " \"TTL\": \"3600\","
#echo " \"TXT\": \"'t=y; o=~;'\""
#echo -e "\t},"
Code: Select all
echo "_domainkey 3600 IN TXT \"t=y; o=~;\""
Code: Select all
#echo "_domainkey 3600 IN TXT \"t=y; o=~;\""
Code: Select all
pub=$(cat $USER_DATA/mail/$domain.pub | sed ':a;N;$!ba;s/\n/\\n/g')
Code: Select all
pub=$(cat $USER_DATA/mail/$domain.pub | sed '/^-/d' | awk '{printf "%s", $1}')
Code: Select all
v-list-mail-domain-dkim-dns [username] [domain]
Code: Select all
mail._domainkey 3600 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0xV1NRp5dEcBG0f8WQBTtRHSIjwJx7Qzvh7uwD6XYGkHhQUYfzhj+0s/heNCgUaWKgaRheN8+wDrNm6VpGo/3ZUylWpEReE3GmS1ir/rbBjfNLxTBYUl9qVTo9F2iJ1n1qU2DeJaAAWGzwaqfBdVZVr1D9h6jdJVGLx3wAf+mjQIDAQAB"
Code: Select all
#!/bin/bash
# Usage: dkim domainname
user=$(ssh [email protected] -p 2200 "/usr/local/vesta/bin/v-search-domain-owner $1")
ssh [email protected] -p 2200 "/usr/local/vesta/bin/v-list-mail-domain-dkim-dns $user $1"