exim centos – How to Fix Exim Unable to Open File for Reading on CentOS 7

centos7 exim

I am working on getting an email server to send email from PHP.

CentOS 7

PHP 7.2

Exim version 4.92

OpenDKIM

If I change this line in my exim.conf file, it changes the error, so I know the error is coming from there:

dkim_private_key = /etc/opendkim/keys/domain.com/default.private

The error:

2019-08-24 00:01:33 1i1NF6-000241-Vr unable to open file for reading: /etc/opendkim/keys/domain.com/default.private

Permissions:

-rw-r--r-- 1 opendkim opendkim 887 Aug 23 22:48 /etc/opendkim/keys/domain.com/default.private

I have changed the ownership to exim:exim.

Changed the permission to 777.

Restarted exim and opendkim after each change.

Nothing seems to help.

[root@mail ~]# ll -d /etc/
drwxr-xr-x. 86 root root 8192 Aug 24 00:06 /etc/
[root@mail ~]# ll -d /etc/opendkim/
drwxr-xr-x 3 root opendkim 107 Aug 23 22:51 /etc/opendkim
[root@mail ~]# ll -d /etc/opendkim/keys/
drwxr-x--- 3 opendkim opendkim 29 Aug 23 22:48 /etc/opendkim/keys/
[root@mail ~]# ll -d /etc/opendkim/keys/example.com/
drwxr-xr-x 2 opendkim opendkim 63 Aug 23 22:49 /etc/opendkim/keys/example.com/
[root@mail ~]# ll /etc/opendkim/keys/example.com/
-rw-r--r-- 1 opendkim opendkim 887 Aug 23 22:48 default.private
-rw-r--r-- 1 opendkim opendkim 319 Aug 23 22:48 default.txt

Best Answer

Exim reads the key only when it is needed. This means that all keys and certificates must be available for the non-root user exim runs as (which is exim on Red Hat derivative systems if memory serves).

Since the /etc/opendkim/keys/ directory is executable only for opendkim and its group, the exim process won't be able to enter that directory, so it won't be able to read the key.

Making the /etc/opendkim/keys directory accessible to the exim user will probably help (add the exim user to the opendkim group for example).
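The traversal rule described in the answer, as an added example (not part of the original post and not Exim's own code): it walks each path component and reports the first one whose mode bits deny a given uid and group set. The temp-dir layout, the uid/gid numbers and the function names are constructed for illustration, and only classic mode bits are evaluated (no ACLs, no SELinux).

```python
import os
import stat
import tempfile

def first_blocker(path, uid, gids, base="/"):
    """Return (component, reason) for the first component below `base` that
    denies access to a process with this uid/gids, or None if readable.
    Evaluates classic mode bits only: no ACLs, no SELinux, no root override."""
    path, base = os.path.realpath(path), os.path.realpath(base)
    names = os.path.relpath(path, base).split(os.sep)
    current = base
    for i, name in enumerate(names):
        current = os.path.join(current, name)
        st = os.stat(current)
        is_file = i == len(names) - 1
        # Directories on the way need search (x); the key itself needs read (r).
        need = stat.S_IROTH if is_file else stat.S_IXOTH
        # Exactly one class applies: owner, else group, else other.
        if st.st_uid == uid:
            shift, who = 6, "owner"
        elif st.st_gid in gids:
            shift, who = 3, "group"
        else:
            shift, who = 0, "other"
        if not st.st_mode & (need << shift):
            return current, f"{who} lacks {'read' if is_file else 'search (x)'}"
    return None

def demo():
    """Rebuild the question's layout in a temp dir (constructed sample)."""
    with tempfile.TemporaryDirectory() as base:
        keys = os.path.join(base, "opendkim", "keys")
        domain = os.path.join(keys, "example.com")
        key = os.path.join(domain, "default.private")
        os.makedirs(domain)
        open(key, "w").close()
        for p, mode in ((os.path.dirname(keys), 0o755), (keys, 0o750),
                        (domain, 0o755), (key, 0o777)):  # 777 as tried in the question
            os.chmod(p, mode)
        st = os.stat(keys)            # creator stands in for opendkim:opendkim
        exim_uid = st.st_uid + 1      # hypothetical uid for the exim user
        outsider = first_blocker(key, exim_uid, {st.st_gid + 1}, base)
        member = first_blocker(key, exim_uid, {st.st_gid}, base)
        return os.path.basename(outsider[0]), outsider[1], member

if __name__ == "__main__":
    print(demo())
```

Because the block is at the `keys` directory, the mode of the key file never comes into play: 777 on the file changes nothing, and a group-readable key is enough once the exim user is in the directory's group.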