Multiple DKIM records in powermta

Creating multiple DKIM records in powermta can be somewhat confusing, especially when trying to include everything into one config without using external config files.

I like to use external files that set all clients, or vmta’s apart from each other.

Below I have included an example showing how to use multiple DKIM settings so each client or vmta can be signed differently.

Lets assume your vmta’s are setup already. They will look something like this:

<virtual-mta 1>
domain-key key1,domain.tld,/etc/pmta/keys/key1.domain.pem
smtp-source-host   192.168.0.1   1.mta.domain.tld
max-smtp-msg-rate 800/h
</virtual-mta>

In order to include a external config file we must first create one. In this example I call it client1.txt
All my external files contain all the domain and sending limits and off course the DKIM settings. Below is an example of such external file.

<virtual-mta 1>
    max-smtp-out 3
    max-msg-per-connection 100
    max-rcpt-per-message 10
    max-msg-rate 266/m
retry-after 25m    
bounce-after 1440m
max-connect-rate 10/m
max-errors-per-connection 10
backoff-reroute-to-virtual-mta domain.tld
#smtp-pattern-list backoff
backoff-to-normal-after-delivery yes
backoff-reroute-to-virtual-mta domain.tld
backoff-to-normal-after 5m
backoff-max-msg-rate 700/h
backoff-retry-after 15m
#smtp-421-means-mx-unavailable  yes
</domain>

domain-key key1,domain.tld,/etc/pmta/keys/key1.domain.tld
<domain *>
   dkim-sign yes 
   dkim-identity @domain.tld
</domain>
</code>

In order to use this external file we have to add it to our pmta config. We add this line to the vmta that you have assigned to that specific client.

include /etc/pmta/client1.txt

Your config will then look like something like this:

<virtual-mta 1>
domain-key key1,domain.tld,/etc/pmta/keys/key1.domain.tld
smtp-source-host   192.168.0.1   1.domain.tld
max-smtp-msg-rate 800/h
include /etc/pmta/client1.txt
</virtual-mta>

You can now go-ahead and configure your different DKIM settings. Simply create another .txt document IE client2.txt and add it to your vmta in your config file.

PMTA might not allow you to save the config file if you edit your config in your web browser under the Monitoring section. To save the config successfully you have to edit it via command line and then reload PMTA.
Also be sure to the place or upload the txt file to your server and make sure the path is correct.

Facebooktwitterredditpinterestlinkedinmail

11 thoughts on “Multiple DKIM records in powermta”

  1. Hi Mate,
    I’ve got a trial from PowerMTA and been trying to setup a Server for Interspire + PMTA

    I’m having utter confusion in getting outgoing PMTA mails to be DKIM signed.
    Say I have one Domain only (suc.nl) at the moment. I don’t need to have separate “include” file, what will be the text I shall input?
    I have this in my Pmta config

    ## —- suc.nl ——-

    host-name suc.nl
    # domain-key _domainkey,suc.nl,/etc/exim/domains/suc.nl/dkim.pem

    If I uncomment the domain key line, pmta won’t start

    The key file exists in the above mentioned location, and if I send email via EXIM on the same server, it is duly DKIM signed.I’d appreciate a pointer on how to get my DKIM up with PMTA…

    Many thanks

    1. Hi Gags,

      the format doesn’t look right to me. Try adding it like this:

      domain-key yourkey,yourdomains.tld,/path/to/key/yourkey.yourdomain.pem
      
         dkim-sign yes 
         dkim-identity @domain.tld
      
      

      Generate the key here and follow the right instruction on how to add it.
      Also run this from command line and paste the output if it wont start

      #pmtad --debug
      
      
  2. Hi mate,

    I made this in my config as per your suggestion but I still get “dkim=permerror”

    domain-key _domainkey,suc.nl,/etc/exim/domains/suc.nl/dkim.pem

    dkim-sign yes
    dkim-identity @suc.nl

    Don’t know what is wrong now…. please suggest

    1. Do you have an underscore in your line just before domainkey?? domain-key _domainkey,suc.nl,/etc/exim/domains/suc.nl/dkim.pem

      If you say you’re using exim, is pmta installed on the same server as cPanel? How did you setup your DKIM? in cPanel or manually?

      It could be a few things, difficult to say if I can’t see your config. Go to the contact us section and send me a link to your config on pastebin.

  3. Hello Mate, I try to add”include /etc/pmta/client1.txt” into config file but then pmta can not start. pmtad –debug show Startup error: Parse error in line 700 of /etc/pmta/config: unknown directive.
    Pls see below. How should I do ? thanks.

    # EOF

    domain-key mail1,domain.com,/etc/pmta/dkim/mail1.domain.com.pem
    smtp-source-host 142.4.124.222 mail1.domain.com

  4. # EOF

    domain-key mail1,domain.com,/etc/pmta/dkim/mail1.domain.com.pem
    smtp-source-host 142.4.124.222 mail1.domain.com

  5. Hello Mate,”include /etc/pmta/client1.txt” can not be be read ? I have uploaded client1.txt. do you know what’s the reason ?

  6. Is the file mail1.domain.com.pem in the folder /etc/pmta/dkim/? If yes, does it have the right read write rights?

Leave a Comment

Your email address will not be published. Required fields are marked *