I've been facing a number of problems on a fresh intall for five days and I'm starting to despair, so I sure hope someone can advice on a new problem. DKIM won't start through the Virtualmin form, I get the following error. . .
Starting DKIM filter .. .. start failed : Starting dkim-milter (via systemctl): Job for dkim-milter.service failed. See 'systemctl status dkim-milter.service' and 'journalctl -xn' for details. [FAILED]
Checking systemctl I get this. . .
Jan 13 10:03:32 en3.example.com systemd[1]: Starting SYSV: DomainKeys Identified Mail Milter... Jan 13 10:03:32 en3.example.com runuser[31821]: pam_unix(runuser:session): session opened for user dkim-milter by (uid=0) Jan 13 10:03:32 en3.example.com dkim-milter[31820]: Starting DomainKeys Identified Mail Milter (dkim-filter): dkim-filter: smfi_opensocket() failed Jan 13 10:03:32 en3.example.com dkim-milter[31820]: [FAILED] Jan 13 10:03:32 en3.example.com systemd[1]: dkim-milter.service: control process exited, code=exited status=1 Jan 13 10:03:32 en3.example.com systemd[1]: Failed to start SYSV: DomainKeys Identified Mail Milter. Jan 13 10:03:32 en3.example.com systemd[1]: Unit dkim-milter.service entered failed state.
Hopeing someone can advise.
Doing some further investigation, I checked the /run/dkim-milter directory and the last modified date is 2010 (this is a fresh VPS install in 2015!). Investingating further the status of dkim-milter it appears to be a dead project and the bugs are catastrophic.
DKIM is now a critical part of mail delivery and should not be considered an 'option' (for example, Hotmail automatically null route any email not DKIM signed). Recommend Virtualmin team consider urgently removing dkim-milter and replacing with opendkim, this issue appears to be dead in the water otherwise.
Howdy,
Virtualmin uses either dkim-milter or opendkim, depending on which is available in that particular distributions.
Newer distributions do come with opendkim.
Which distribution/version is it that you're using there?
-Eric
CentOS 7
Hi Lanna,
Did you solve the problem? In my case (CentOS 7 too), dkim started only first time after installation. After reboot I received similar errors. After research I saw that folder /var/run/dkim-milter is missing. If this is your case too, I resolved my problem creating a small script:
#!/bin/bashmkdir /var/run/dkim-milter
chown dkim-milter:dkim-milter /var/run/dkim-milter
This script must be put in cron and run (as root) @restart
Regards, Lucrian
hi Lucrian, why a script at boot?
not enough to create the dir and chown? please explain... it's deleted at start that directory and why?
thanks
I did it and service...
Loaded: loaded (/etc/rc.d/init.d/dkim-milter) Active: activating (start) since Wed 2015-06-10 23:35:39 CEST; 47s ago
but....
"can't write pid to /var/run/dkim-milter/dkim-milter.pid: No such file or directory"
and the directory is empty... so, how to fix?
I had same problem and then just removed this old and obsolete script dkim-milter what was abandoned for several years. Aside of this, dkim-milter was the main and only culprit why my Virtualmin would not start with server reboot until manual start over SSH. For Lanna or anyone else on Centos 7 i would like to suggest to forget dkim-milter and switch to his successor OpenDKIM. In this links you can find all info how to setup OpenDKIM in literally few minutes: http://goo.gl/tfo3W9. Tested on fresh Centos 7 with Virtualmin/Webmin and never had any problem. The only "downside" if you want to call in this way is you will not be able to configure OpenDKIM with Virtualmin. But if you dont have dozens or hundreds domains you will be able to setup everything in no time. Really, its just 3 or 4 commands per domain with one copy and paste into your DNS.
I know that "virtualmin will install what comes with your distro" but i dont think it would be a problem to change this. Sorry but Centos 7 is new on the market and there is no real excuse to have 2-3 years old script on your server. If anyone has a solution how to make Virtualmin to work with OpenDKIM on Centos 7 it would be great to hear. EDIT: Actually time i saw on dkim-milter on my server was from 2010 so its 5 years not 2-3.
- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.
Howdy,
Yeah CentOS 7 is using the dkim-milter script that was used with CentOS 6, as it was known to work there.
However, it certainly looks like there's some trouble in getting it to work on CentOS 7. I'll talk to Jamie about switching that over to use opendkim, as opendkim is available in EPEL and will be relatively simple to import into the Virtualmin repository.
-Eric
Great news Eric. It would be great if we can get OpenDKIM at least for Centos 7. These days if you send email without rDNS, SPF and DKIM there is big chance your mail will end in spam folder or deleted.
- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.
I successfully installed opendkim using virtualmin control panel. However still fail to start the service. When I try to enable dkim, I see following error.
Finding virtual servers to enable DKIM for ..
.. no virtual servers with DNS and email enabled were found, but enabling for 3 extra domains
Extracting public key from private key in /etc/opendkim/keys/default.private ..
.. done
Setting domain and selector in DKIM filter configuration ..
.. done
Enabling DKIM filter at boot time ..
.. done
Starting DKIM filter ..
.. start failed : Job for opendkim.service failed. See 'systemctl status opendkim.service' and 'journalctl -xn' for details.
DKIM setup failed!
Can you help me solve this problem? I'm using centos7
I think following chown solved the problem.
chown opendkim /etc/dkim-domains.txtI got information from here https://virtualmin.com/node/36456
It seems working but Is this ok for now?
thanks
Howdy,
Yeah that's a good solution -- we're looking into a long-term fix for that.
-Eric
ok, thank Eric
well, the problem seems to be that postfix starts before the dkim-milter? Can you confirm?
BECAUSE...
1) the directory /var/run/dkim-milter was not there...
2) at first I tried to create it manually
mkdir /var/run/dkim-milterchown dkim-milter:dkim-milter /var/run/dkim-milter
but at the reboot it got deleted ! (why?)
3) so i put that in the script and @reboot /path/to/script.sh from crontab
4) after the reboot the directory was there...
5) BUT the dkim-milter didn't start properly
service Active: activating...and alsodkim-filter[1133]: can't write pid to /var/run/dkim-milter/dkim-milter.pid: No such file or directory6) I tried to save again with Virtualmin DomainKeys Identified Mail
7) again failed to start because of
dkim-filter[4671]: Sendmail DKIM Filter: Unable to bind to port inet:8891@localhost: Address already in usethe PID 1133 was still there...8) I had to kill the PID 1133
9)
service dkim-milter stopservice dkim-milter start
service postfix restart
and now is active running... the dkim-milter.pid is regularly inside the /var/run/dkim-milter directory
who's able to explain what's the issue here? Do I need to do all this at any reboot OR how to avoid this stuff? thank you
Hi 7stars,
I don't know why that folder is deleted at every reboot. My solution probably isn't the best, but is working for me.
For you... I have one more suggestion :)
disable auto-start postfix
at the end of the cron script, start postfix
Maybe this will work fine for you.
maybe when you save in "DomainKeys Identified Mail" should you do
service dkim-milter stopservice dkim-milter start
service postfix restart
?
maybe this the issue with Centos 7 ? I would know if I can avoid to do those steps every time... I hope...
unfortunately the same...
apart from the fact that at the end of the script I wrote
service postfix startbut it didn't start... why? can't be started from the sh script in that way?then, the problem is always a bad PID which is there to do nothing
dkim-filter[2070]: can't write pid to /var/run/dkim-milter/dkim-milter.pid: No such file or directoryagain, I had to kill that 2070 and go on with service stop/start postfix start or restart...
please, andreychek or Jamie.. can you help to avoid to do this any time? thanks
I found that in dkim-filter.conf
# BaseDirectory /var/run/dkim-filterso the BaseDirectory is commented with #...
maybe the issue?
well, on my server was /usr/bin/service
it's the same.. to get it working at every boot I have to do:
1) no need to manually start postfix (so apparently the start order is not related to this issue)
2)
service dkim-milter status3) check the bad PID
4)
kill PID5)
service dkim-milter stopservice dkim-milter start
service postfix restart
and with this it's working as usual. And also the Virtualmin Save works....
anyway, I didn't try to uncomment "BaseDirectory"...
if I can avoid to do this at every boot is really appreciated (even if I reboot a few in a long time...)
thanks
You may try to see what's happening. If is not good, you may comment it back.
if you need to stop and start many processes, add then in script.
First of all, disable auto-start those services. If you don't disable auto-start at reboot, it will not work. Disable postfix and dkim-milter
At the end of the script use:
systemctl start dkim-miltersystemctl start postfix
Lucrian, maybe you're right.. 'cause if that directory is deleted at reboot, maybe the dkim-milter starts before the directory creation... and so that PID behaves badly... we should understand why that directory is deleted.
i will do it...
how is your /etc/mail/dkim-milter/dkim-filter.conf ? thanks
The most of file is commented, except:
KeyFile /etc/dkim.keyKeyList /etc/mail/dkim-milter/keys/keylist
Selector qwerty
SocketĀ local:/var/run/dkim-milter/dkim-milter.sock
If you are on Centos 7 remove DKIM-Milter and install OpenDKIM what is actually his successor. DKIM-Milter is several years old and obsolete software. Even if you are on Centos 6 you can install and use OpenDKIM without any problem.
- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.
Diabolico, really it works fine... the only problem is to understand why guys at Virtualmin didn't have a look at the .conf ...if the generic conf was good or bad...
IF the commented BaseDirectory is a problem... and why that directory /var/run/dkim-milter is not there at boot..
then, it does its work as usual... I don't think that ATM I need to change the software for such a reason...the workaround is there but I think that's something on the conf...
Honestly, I can't reboot the server many times just to test this... maybe i will test it on local
so, in the virtualbox ...installing Virtualmin, for CentOS 7 now it installs opendkim by default
I have all updated on my server, even Virtualmin...
it means that if I remove dkim-milter then if I go to DomainKeys Identified Mail, it installs opendkim instead of dkim-milter?
was so easy... but since no updates by andreychek on this topic I lost time...
it was enough to
service dkim-milter stopyum remove dkim-milter
and going to "DomainKeys Identified Mail" the last Virtualmin version installs opendkim now.
No problems at all. Kind regards
p.s.: remember that if you do this, you have to update the DKIM TXT record for any external domain (those on remote DNS servers) 'cause the new generated key is different. Sorry andreychek, I didn't see this on 4.16 changelog... "Fixed bugs setting up OpenDKIM on CentOS 7 systems."
it means that if I remove dkim-milter then if I go to DomainKeys Identified Mail, it installs opendkim instead of dkim-milter? Yes. But you could do this by yourself long time ago and not wait for Virtualmin to change this for Centos 7 (on Centos 6 is still DKIM-Milter last time i check). I said same thing before 4 months. Doesnt make sense to install old and obsolete software on new OS like Centos 7.
- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.
Diabolico, thank you. Honestly, I wasn't even aware of this issue 'cause I didn't notice any anomaly with the mail server, all the emails were successfully sent.
as already stated "I didn't see this on Virtualmin 4.16 changelog... "Fixed bugs setting up OpenDKIM on CentOS 7 systems."
thanks, bye bye lol
installing the opendkim on CentOS 7, if you're running Spamassassin you can find this issue on maillog https://bugzilla.redhat.com/show_bug.cgi?id=1200167
do steps on Comment 29...
;-) bye
how to fix
service dkim-milter start Starting DomainKeys Identified Mail Milter (dkim-filter): dkim-filter: no such group `dkim-milter' [FAILED]