ISPConfig3 — Aamavisd –Can’t open PEM file

If you haven't already...
Set up an Affiliate Account or Set up a Small Business account.
Posted on November 23, 2017 by admin under ISPConfig
Leave a comment

The full error on my system was;

ispconfig3 amavisd: Error in config file “/etc/amavisd/amavisd.conf”: Error in config file “/etc/amavisd/60-dkim”: Can’t open PEM file /var/lib/amavis/dkim/ Permission denied at /usr/sbin/amavisd line 637.


I ran into this issue a couple of times, so i figured I would write it down.

For some reason in my version of ISPConfig3, version 3.1, once I enable DKIM signing my amavisd service fails to start causing mail problems.

You can find several places out there that go through the process and they likely all work fine, but I decided to take a slightly different tack on this and only change the group onwership. Also, most of the posts about the subject only say to change the owner of the dkim folder. In my case that would not have worked anyway as the amavis account didn’t have access to the amavis folder.

My solution was to take advantage of User Private Groups, UPG’s. When a new user is created, a group by the same name is also created. This is a UPG.

I took advantage of the UPG’s and set the group ownership to the amavis UPG recursively from the /var/lib/amavis folder.

chgrp -R amavis /var/lib/amavis

Once done, I restarted the amavis service and all worked properly.

service amavisd restart


Leave a Reply

Please Login to comment
Notify of