
DKIM and Centminmod

Discussion in 'Domains, DNS, Email & SSL Certificates' started by Jon Snow, Jul 23, 2025.

  1. Jon Snow

    Jon Snow Active Member

    917
    188
    43
    Jun 30, 2017
    Ratings:
    +293
    Local Time:
    2:15 AM
    Nginx 1.13.9
    MariaDB 10.1.31
    My website hostname is host.domain.com for domain.com


    I used @eva2000's tool to generate a DKIM - https://community.centminmod.com/threads/automated-dkim-setup-with-opendkim.7011/

    But I don't see it in mailtester or gmail's headers when I send test emails from Wordpress.

    But if I use an online DKIM checking tool and enter my selector (default2025) and domain name, it shows the correct value:
    Code (Text):
    "v=DKIM1; k=rsa; p=ggmdf..."


    What am I doing wrong? Do I need to wait for DNS propagation for Google?
     
  2. eva2000

    eva2000 Administrator Staff Member

    58,893
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    3:15 PM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    that is correct for testing server hostname's DKIM

    are you using PHP mail or SMTP server? are Wordpress sent emails from same hostname?

    see https://community.centminmod.com/th...ver-email-doesnt-end-up-in-spam-inboxes.6999/
     
  3. Jon Snow

    I've already set up PTR through the host with the host name (host.domain.com).

    SPF and DMARC pass through mail tester, but DKIM is missing even tho I used your tool to make it.

    I'm using PHP mail (default Wordpress).

    I've tried with WP Mail SMTP on the default setting (no SMTP) and without it (Wordpress default email sending) but I don't see DKIM in the email header and mail tester is saying it's missing.
    Yea nginx@host.domain.com

    Logging into SSH is root@host.domain.com
     
  4. Jon Snow

    I'm getting a 9/10 score in mail tester.

    Only issue is Your message is not signed with DKIM
     
  5. Jon Snow

    Maybe a typo in the generation?

    /etc/opendkim/keys/host.domain.com/default2025.txt

    I'm seeing:
    Code (Text):
    default2025._domainkey    IN    TXT    ( "v=DKIM1; k=rsa; "
          "p=
    

    There's an extra "

    I don't think that's supposed to be there?
     
  6. Jon Snow

    Or maybe it doesn't work with Cloudflare (proxy disabled).

    I noticed Cloudflare DNS splits it up in two because of its length.

    PS. I don't think the typo is in the dkim file that I'm using from /root/centminlogs
     
  7. Jon Snow

    It doesn't look like the file opendkim.conf exists in /etc/

    But there are contents in KeyTable and SigningTable

    Email header marks Postfix, so I'd assume it'd work:
    Code (Text):
    Received: by host.domain (Postfix, from userid xxxx)


    But I don't think the dkim generation is working or maybe it's Cloudflare DNS?

    This is Alma9 btw.
     
    Last edited: Jul 25, 2025
  8. eva2000

    dkim records can not be Cloudflare orange enabled, must be orange cloud proxy disabled for all dkim, spf, ptr DNS records otherwise mail servers can't reach your Centmin Mod server.

    might be a separate issue as well, what version of centmin mod used? what is output for
    Code (Text):
    cminfo versions
     
  9. Jon Snow

    I don't think you can proxy TXT records in Cloudflare, but the main IPs aren't CF proxied. I'm only using it for the DNS because the hosting provider doesn't offer DNS.
    Code (Text):
    cminfo versions
    Installed:
      tcpdump-14:4.99.0-9.el9.x86_64
    
    
    1st:
    131.00stable.b024 #Thu Jul 11 10:43:00 PM EDT 2024
    ..
    last 10:
    131.00stable.b062 #Thu Dec 26 08:59:29 PM EST 2024
    131.00stable.b068 #Thu Jan 30 10:08:32 PM EST 2025
    131.00stable.b070 #Thu Feb  6 09:40:34 AM EST 2025
    131.00stable.b074 #Sat Mar  1 08:53:53 AM EST 2025
    132.00stable.b078 #Sat Mar 29 12:37:44 AM EDT 2025
    132.00stable.b078 #Sat Mar 29 12:48:09 AM EDT 2025
    132.00stable.b081 #Tue Apr 29 06:25:28 PM EDT 2025
    132.00stable.b091 #Sun Jun 22 01:02:33 PM EDT 2025
    132.00stable.b095 #Wed Jul 23 01:41:31 AM EDT 2025
    132.00stable.b095 #Wed Jul 23 02:28:00 PM EDT 2025
    
     
  10. eva2000

    There was an addons/opendkim.sh bug fix back on Feb 1, 2025 AEST, so if you ran the script before that date, it might have had a bugged install/configuration. You can check when you ran it via command to see date of the opendkim logs
    Code (Text):
    ls -lAhrt /root/centminlogs | grep 'opendkim_'
    

    if log date is before Feb 1, 2025 AEST, or if you want to recreate opendkim, run
    Code (Text):
    cmdir
    addons/opendkim clean
    

    it will regenerate the DNS records so you would need to update your DNS records
     
  11. Jon Snow

    Code (Text):
    ls -lAhrt /root/centminlogs | grep 'opendkim_'
    -rw-r--r--. 1 root root 6.1K Jul 23 01:43 opendkim_230725-014348.log

    I had to add .sh to opendkim for it to work.

    But it didn't help :(
     
  12. Jon Snow

    Using a tool like easydmarc.com or dmarcian.com I can see the updated record. But my outgoing emails from the server in Wordpress aren't being marked as having DKIM pass.

    Mail testers are saying there's no DKIM and I can't see the DKIM header in Gmail.

    DKIM, SPF, and Spam Assassin Validator - dkimvalidator.com

    Code (Text):
    Received: from host.domain.com (host.domain.com [x.xxx.xx.xx])
        by relay-1.us-west-2.tx-prod (Postfix) with ESMTPS id xxxxxx
        for <xxxxxx@dkimvalidator.com>; Sat, 26 Jul 2025 19:04:22 +0000 (UTC)
    Received: by host.domain.com (Postfix, from userid xxxx)
        id xxxx; Sat, 26 Jul 2025 15:04:22 -0400 (EDT)
    DKIM-Filter: OpenDKIM Filter v2.11.0 host.domain.com abcdefghijk
    To: xxxxxx@dkimvalidator.com
    Subject: Test Mail
    Date: Sat, 26 Jul 2025 19:04:22 +0000
    From: WordPress <wordpress@domain.com>
    Message-ID: <xxxxxx@domain.com>
    X-Mailer: PHPMailer 6.9.3 (https://github.com/PHPMailer/PHPMailer)
    MIME-Version: 1.0
    Content-Type: text/plain; charset=UTF-8
    
    This is the test mail from Site Name


    DKIM Information:
    Code (Text):
    DKIM Signature
    
    This message does not contain a DKIM Signature

    Using plugin WP Test Email to send test emails.
     
    Last edited: Jul 27, 2025
  13. eva2000

    did you restart php-fpm server after re-running addons/opendkim.sh clean and updating DNS records?
     
  14. Jon Snow

    Yea.

    I did it again just now
    Code (Text):
    nprestart

    The shortcode restarted nginx and php.

    Still not valid DKIM from the testers.
    Code (Text):
    This message does not contain a DKIM Signature
     
  15. eva2000

    But does /etc/opendkim.conf exist?

    what's output for

    Code (Text):
    ls -lAhRt /etc/opendkim
    
     
  16. Jon Snow

    Code (Text):
    ls -lAhRt /etc/opendkim
    /etc/opendkim:
    total 16K
    -rw-r-----. 1 opendkim opendkim 1.3K Jul 26 11:33 SigningTable
    -rw-r-----. 1 opendkim opendkim  459 Jul 26 11:33 KeyTable
    drwxr-x---. 3 root     opendkim 4.0K Jul 26 11:33 keys
    -rw-r-----. 1 opendkim opendkim  396 Jul 23 01:43 TrustedHosts
    
    /etc/opendkim/keys:
    total 4.0K
    drwxr-xr-x. 2 opendkim opendkim 4.0K Jul 26 11:33 host.domain.com
    
    /etc/opendkim/keys/host.domain.com:
    total 8.0K
    -rw-------. 1 opendkim opendkim  511 Jul 26 11:33 default2025.txt
    -rw-------. 1 opendkim opendkim 1.7K Jul 26 11:33 default2025
    


    I'm seeing a /etc/opendkim.conf (creation date is July 26th 2025)
     
  17. Jon Snow

    Still does not work tho.

    Is there a guide to manually setting this up with centmin? I don't think the script is working unfortunately.
     
    Last edited: Aug 1, 2025
  18. pamamolf

    pamamolf Well-Known Member

    4,125
    429
    83
    May 31, 2014
    Ratings:
    +841
    Local Time:
    8:15 AM
    Nginx-1.29.x
    MariaDB 10.6.x
    I solved that issue by using a 1024 key:

    Code:
    /usr/local/src/centminmod/addons/opendkim.sh clean
    then edit:

    Code:
    addons/opendkim.sh
    and use:

    Code:
    DKIM_LENGTH='1024'
    then regenerate...
     
  19. Jon Snow

    If I run the clean command, it resets to 2048.

    Is it normal that this
    Code (Text):
    /usr/local/src/centminmod/addons/opendkim.sh

    Returns a blank result?

    What I've done is edit DKIM_LENGTH to 1024 and then ran opendkim.sh

    I got the new 1024 key from the centmin log file and added it to Cloudflare.

    But dkimvalidator.com and mail-tester.com still report no DKIM signature found.

    I've even added the email address to SigningTable:

    Code (Text):
    host.domain.com default2025._domainkey.host.domain.com
    *@domain.com default2025._domainkey.host.domain.com

    Restarted dkim, postfix and nginx/php.
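
An added illustration, not part of any post in this thread and not Centmin Mod or OpenDKIM code: a simplified Python model of the SigningTable matching rules documented in opendkim.conf(5) for `file:` and `refile:` tables, run against the two SigningTable lines from post 19 and headers abridged from the message in post 12. The function names and the abridged sample message are assumptions made for the example.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: headers abridged from the message shown in post 12.
RAW = """\
Received: by host.domain.com (Postfix, from userid xxxx)
DKIM-Filter: OpenDKIM Filter v2.11.0 host.domain.com abcdefghijk
From: WordPress <wordpress@domain.com>

This is the test mail
"""

# The two SigningTable lines from post 19: "<pattern> <key name>".
SIGNING_TABLE = """\
host.domain.com default2025._domainkey.host.domain.com
*@domain.com default2025._domainkey.host.domain.com
"""

def parse_table(text):
    return [tuple(line.split(None, 1)) for line in text.splitlines()
            if line.strip() and not line.startswith("#")]

def lookup(from_addr, table, mode):
    """Simplified model of SigningTable matching; mode is 'file' or 'refile'."""
    if mode == "refile":  # each pattern is a '*' wildcard over the whole address
        for pat, key in table:
            if re.fullmatch(re.escape(pat).replace(r"\*", ".*"), from_addr, re.I):
                return key
        return None
    user, _, domain = from_addr.partition("@")  # 'file': literal keys, fixed order
    keys = [from_addr, domain]
    labels = domain.split(".")
    for i in range(1, len(labels)):
        parent = "." + ".".join(labels[i:])
        keys += [user + "@" + parent, parent]
    keys += [user + "@*", "*"]
    exact = {p.lower(): k for p, k in table}
    return next((exact[k.lower()] for k in keys if k.lower() in exact), None)

def diagnose(raw, table_text, mode):
    msg = message_from_string(raw)
    from_addr = parseaddr(msg["From"])[1]
    return {"from": from_addr, "signing_key": lookup(from_addr, parse_table(table_text), mode),
            "seen_by_opendkim": msg["DKIM-Filter"] is not None,
            "signed": msg["DKIM-Signature"] is not None}

if __name__ == "__main__":
    for mode in ("file", "refile"):
        print(mode, diagnose(RAW, SIGNING_TABLE, mode))
```

Which mode applies on a given server depends on the `SigningTable` line in /etc/opendkim.conf, which the thread does not show.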
     
  20. Jon Snow

    Bump