I am building a mail server with postfix, dovecot and opendkim using Ubuntu 22 LTS. Everything worked fine in my dev environment (same setup as far as I checked), but when I deployed it live, opendkim cannot find the key for my domain.
In mail.log I found these errors:
Dec 27 19:47:28 mail opendkim[45695]: can't load key from /etc/opendkim/keys/my.domain/default.private": No such file or directory
Dec 27 19:47:28 mail opendkim[45695]: 65291400A5: error loading key 'default._domainkey.my.domain'
I double-checked that the file exists, and even tried chmod -R 777 /etc/opendkim/keys just to be sure that I am not having permission issues, but it did not work. I even logged in as a vmail user, and checked that I can read this file with any user (just testing).
My main.cf postfix configuration is:
milter_default_action = accept
milter_protocol = 6
smtpd_milters = local:opendkim/opendkim.sock
non_smtpd_milters = $smtpd_milters
/etc/default/opendkim:
RUNDIR=/run/opendkim
SOCKET="local:/var/spool/postfix/opendkim/opendkim.sock"
USER=opendkim
GROUP=opendkim
PIDFILE=$RUNDIR/$NAME.pid
EXTRAAFTER=
/etc/opendkim.conf:
Syslog yes
SyslogSuccess yes
LogWhy yes
Canonicalization relaxed/simple
Mode sv
SubDomains no
OversignHeaders From
AutoRestart yes
AutoRestartRate 10/1M
Background yes
DNSTimeout 5
SignatureAlgorithm rsa-sha256
UserID opendkim
UMask 007
Socket local:/var/spool/postfix/opendkim/opendkim.sock
PidFile /run/opendkim/opendkim.pid
TrustAnchorFile /usr/share/dns/root.key
KeyTable refile:/etc/opendkim/key.table
SigningTable refile:/etc/opendkim/signing.table
What am I doing wrong, please?
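
An added example, not part of the original post: a check that parses KeyTable entries in the `name domain:selector:keypath` form and reports key paths that do not exist exactly as written, including stray characters such as the trailing `"` that appears in the logged path above. It assumes the third field is a literal file path; the function names, sample entries and paths are constructed for illustration.

```python
import os


def check_keytable(text, exists=os.path.isfile):
    """Return (line_no, key_name, path, problem) for each bad KeyTable entry."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        parts = line.split(None, 1)
        if len(parts) != 2:
            findings.append((n, parts[0], "", "missing value"))
            continue
        name, value = parts
        fields = value.split(":", 2)
        if len(fields) != 3:
            findings.append((n, name, value, "expected domain:selector:keypath"))
            continue
        path = fields[2]
        # Quotes or whitespace become part of the file name the milter opens.
        stray = "".join(c for c in path if c in "\"' \t")
        if stray:
            findings.append((n, name, path, "stray character(s) in path: %r" % stray))
        elif not exists(path):
            findings.append((n, name, path, "no such file"))
    return findings


def demo():
    # Constructed sample: one valid entry, one with a trailing quote, one missing.
    key = "/etc/opendkim/keys/example.test/default.private"
    table = "\n".join([
        "# name  domain:selector:keypath",
        "default._domainkey.example.test example.test:default:" + key,
        "default._domainkey.quoted.test quoted.test:default:" + key + '"',
        "default._domainkey.gone.test gone.test:default:" + key + ".missing",
    ])
    # Pretend only `key` exists so the demo runs without touching the disk.
    return check_keytable(table, exists=lambda p: p == key)


if __name__ == "__main__":
    for line_no, name, path, problem in demo():
        print("line %d: %s -> %r: %s" % (line_no, name, path, problem))
```

On a real host, pass the contents of the key table file to `check_keytable` and run it as the user the milter runs as, so the default `os.path.isfile` check reflects what that user can see.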