[BlueOnyx:25936] Re: DKIM key cached

Robert Fitzpatrick robert at webtent.org
Tue Jan 17 14:12:08 -05 2023 

Michael Stauber wrote on 1/16/2023 2:05 PM:
> Hi Robert,
> 
>> I've got a site set up on a 5211R where it used to be domain.com and 
>> is now domain.net, but DKIM still signing as the .com domain. I've 
>> tried to disable, the key gets removed from DNS and creates with same 
>> key when enabled again with create key ticked. How can I get a new key?
> When you rename a Vsite in the GUI or when it's email server aliases 
> change (or if DKIM is disabled and re-enabled for that Vsite) the files ...
> 
> /etc/opendkim/KeyTable
> /etc/opendkim/SigningTable
> 
> ... will be edited and the domain name and aliases will be updated. As 
> long as there is still *something* ("Email Server Alias" for example) 
> that uses the old domain name, then the OpenDKIM key itself won't be 
> regenerated.
> 
> If you *really* want to force it to generate a new key? Disable DKIM for 
> the all Vsites that use the same domain name of that name and then 
> manually delete the directory /etc/opendkim/keys/<domain-name>
> 
> When you then enable DKIM again for that Vsite, it'll generate a new key.
> 

Thanks Michael. Done this and very strange. Only one vsite for 
tampabaywebhosting.net on the server now with no other domain aliases 
besides. I tried to look at it from /etc/opendkim and Postfix. I did 
find tampabaywebhosting.com in both the KeyTable and SigningTable file, 
even after removing any aliases. Afterward I made sure not present and 
reloaded Postfix ...

[root at tbwh opendkim]# tree .
.
├── keys
│   └── tampabaywebhosting.net
│       ├── default.private
│       └── default.txt
├── KeyTable
├── SigningTable
└── TrustedHosts
[root at tbwh opendkim]# grep -r tampabaywebhosting.com .
[root at tbwh opendkim]# postfix reload
postfix/postfix-script: refreshing the Postfix mail system

And the error thrown now when sending SMTP...

Jan 17 14:02:39 tbwh opendkim[382434]: can't load key from 
/etc/opendkim/keys/tampabaywebhosting.com/default.private: No such file 
or directory

Even after a stop/start on Postfix. Where is that coming from?

-- 
Robert

More information about the Blueonyx mailing list