Missing DKIM configuration for one subdomain

What type of hardware are you using: VPS bought online
What YunoHost version are you running: 12.0.12
How are you able to access your server: The webadmin, SSH
Are you in a special context or did you perform specific tweaking on your YunoHost instance ?: no

Describe your issue

I have created several subdomains for different apps. In the YunoHost domain settings, DNS records are recommended for all subdomains, including for DKIM. Unfortunately, the recommendation for the mail._domainkey record is missing for one subdomain. Emails sent from this subdomain (where my Mastodon is running) also don’t contain a DKIM signature in the header. It appears that DKIM is not configured for this subdomain at all.

How can I ensure that all emails from this subdomain are also signed with DKIM?

Is this a YunoHost/postfix/opendkim problem or is this an issue with the Mastodon app?

Share relevant logs or error messages

none

You can try to regenerate the DKIM configuration with sudo yunohost tools regen-conf opendkim.

Found in a related post (in French): Signer les mails d'un domaine secondaire avec dkim

Thank you! I suppose this will regenerate all domain keys and I will have to update the DKIM DNS records for all subdomains.

Not sure about that. You can add the options --dry-run --with-diff to check what it would do without changing your current configuration.

I tried:

sudo yunohost tools regen-conf opendkim --dry-run --with-diff

The prompt did not generate any output. Seems like there’s nothing to report because the command wouldn’t update the config.

Can you check these files to see if there is a line for your subdomain in them:

  • /etc/dkim/keytable
  • /etc/dkim/signingtable

And also check if there is a DKIM key file for your subdomain in /etc/dkim/ (that would be named sub.domain.mail.key).

If not, try to run this to check if your subdomain is in the list it returns:
yunohost domain list --features mail_in mail_out --output-as json | jq -r ".domains[]"

Actually, after some testing on one of my YunoHost servers, it seems that yunohost tools regen-conf opendkim --dry-run --with-diff does not show the changes it would make.

After you have checked the files I mentioned above, try to run the regen-conf without the --dry-run --with-diff options and check the files again.

I checked the code; it should not generate new keys for the domains that already have one.

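The checks suggested in the posts above, combined into one script (an added example, not part of the original thread and not YunoHost's own tooling). It assumes the standard OpenDKIM table layouts noted in the comments; the function names and the `--live` switch are hypothetical.

```shell
#!/bin/sh
# Added example: report which mail domains lack OpenDKIM signing material.
# Assumed (standard OpenDKIM) table layouts:
#   keytable:     <keyname> <domain>:<selector>:<keyfile>
#   signingtable: <pattern such as *@domain> <keyname>

# dkim_missing DIR DOMAIN -> prints the missing pieces, empty if complete
dkim_missing() {
    dir=$1 domain=$2 missing=""
    # Key file name as given in the thread: <domain>.mail.key
    [ -s "$dir/$domain.mail.key" ] || missing="$missing keyfile"
    # Compare the domain part of field 2 exactly, so "example.org" is not
    # satisfied by the line that belongs to "sub.example.org".
    awk -v d="$domain" '{ split($2, f, ":"); if (f[1] == d) ok = 1 }
        END { exit !ok }' "$dir/keytable" 2>/dev/null \
        || missing="$missing keytable"
    # Strip a leading "*@" (or any local part) from the signing pattern.
    awk -v d="$domain" '{ p = $1; sub(/^.*@/, "", p); if (p == d) ok = 1 }
        END { exit !ok }' "$dir/signingtable" 2>/dev/null \
        || missing="$missing signingtable"
    echo "${missing# }"
}

# dkim_audit DIR DOMAIN... -> one line per incomplete domain; returns 1 if any
dkim_audit() {
    dir=$1; shift
    rc=0
    for domain in "$@"; do
        m=$(dkim_missing "$dir" "$domain")
        if [ -n "$m" ]; then
            echo "$domain: missing $m"
            rc=1
        fi
    done
    return $rc
}

# Hypothetical --live switch: audit the real host (run as root).
# The domain list command is the one quoted in the thread; the command
# substitution is left unquoted on purpose so each domain is one argument.
if [ "${1:-}" = "--live" ]; then
    dkim_audit /etc/dkim $(yunohost domain list --features mail_in mail_out \
        --output-as json | jq -r ".domains[]")
fi
```

A domain reported here is one whose outgoing mail will leave unsigned until the OpenDKIM configuration is regenerated and the matching mail._domainkey record is published.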

Ok, there was no DKIM key file for this subdomain in /etc/dkim. So I ran sudo yunohost tools regen-conf opendkim. The command generated the missing key for my subdomain and left the existing keys unchanged.

I added the record to my DNS, checked the mxtoolbox and sent myself a test mail. DKIM=PASS. :partying_face:

Thank you very much for your help! You are my hero of the day. :blush: :folded_hands:


NB: that bug should be fixed in next releases via Update domain.py: domain actions should trigger a regenconf for opend… · YunoHost/yunohost@535ce3b · GitHub
