However, while testing my mail server configuration with different tools, I am told that the DKIM signature is invalid.
Knowing (a little) the OpenDKIM tool, I’m looking for a little (because no configuration is possible from Hestia; I realize that OpenDKIM is not installed so I don’t know how all this is configured and how to correct the thing.
DKIM has to be set within your domains nameserver settings. if you use an external dns service (like from your provider) you need to get the correct values from hestia ( v-list-mail-domain-dkim-dns ) and put them into your dns records.
if I remember correctly Hestia does not use opendkim at all.
the good thing is, hestia is taking care of generating that record for you and if you use internal dns-servers it should work out of the box.
for external dns server you simply need to add the according DKIM entry to your domain and for that you can use the command given above to see the generated entry.
I don’t have a problem with the verification (I already know that the DKIM signature is invalid), it’s how to change the signature so that it is good ^^
first things first: you should have set up your domain dns records, pointing to your IP and have a mail.domain.fr record as well.
in hestia you need to have that domain set up as mail domain and activate DKIM for it…
in the command line the syntax is: v-list-mail-domain-dkim-dns username domain.fr
no mail.xxx here, just the plain domain. it should output something like:
RECORD TTL TYPE VALUE
_domainkey 3600 IN TXT “t=y; o=~;”
mail._domainkey 3600 IN TXT “k=rsa; p=MIGkjhgkjhCSqGSIbkjhkjh3DQEBAQUAA4GNADCBiQKBkjhkjhjkgQDD84UbXunHN+4CPLN2JkjAk1hSgB/xHBXwonrNZSZT36JeuPXXgAWUR+ZhHmqN8vntPkRFeYalo7pDYvR3F0Jj+eeEL85+koOHU7qTxLrZFKyuYMTzClyELAJxS2Ihc0R/P6fo1ur5kaaJptsAaTuXUbLbawIDAQAB”
from that you want to copy the “k=rsa; p=xxxx” part and add it as TXT entry to your domain dns under the record mail._domainkey as well.