opendkim-testkey: [path]/dkim.key: open(): permission denied

Question

I installed postfix on an Ubuntu 16.04 LTS server and tested the default settings. I was able to send a test email successfully. Then I wanted to add dkim, which is where I started running into a problem. My emails don't seem to be getting signed.

When I run

opendkim-testkey -d mydomain.com -s mail -vvv

I get

opendkim-testkey: /etc/postfix/dkim.key: open(): Permission denied

Ownership and permissions for /etc/postfix/dkim.key

-rw------- 1 opendkim opendkim   887 Sep  7 16:07 dkim.key

Postfix is also a part of the opendkim group

postfix : postfix opendkim

I hope someone has an idea, because I'm here scratching my head on this one.

Answer 1

So, the problem was in /etc/opendkim.conf

I forgot to uncomment and edit some lines:

# Sign for example.com with key in /etc/dkimkeys/dkim.key using
# selector '2007' (e.g. 2007._domainkey.example.com)
Domain                  mydomain.com
KeyFile                 /etc/dkimkeys/dkim.key
Selector                mail

These were originally all commented out. I had previously purged and reinstalled opendkim and forgot this step.

Hopefully this will give someone else some help when they have a brain fart like me! ;-)

Answer 2

In my case only this helped me

chown -R opendkim:opendkim /etc/opendkim
chmod 0750 /etc/opendkim/keys
chmod 0600 /etc/opendkim/keys/default.private