How to change the default DKIM selector

Yes, it was later discovered that if only change /etc/opendkim/KeyTable, this will not last for a long time, it will automatically return to the mail selector
Therefore, we need to create a new file /etc/opendkim/KeyTable_new

We can also change the location of /home/user-data/mail/dkim/mail.private if we want
However, we cannot changed the file name of /home/user-data/mail/dkim/mail.txt, but we can change its content, which is displayed on the External DNS section of the website

Finally change the /etc/opendkim.conf file:
replace KeyTable refile:/etc/opendkim/KeyTable
to KeyTable refile:/etc/opendkim/KeyTable_new

sudo service postfix restart
sudo service opendkim restart

  1. Any idea what is overwriting /etc/opendkim/KeyTable?
  2. If we use /etc/opendkim/KeyTable_new, will it reflect newly added domains?
  3. Will these changes persist after an MIAB update?

I have an issue here and GMail is complaining my DKIM fails

Before you dig into this, you have to think about why going this route will solve your problem. What error is GMail giving?

There’s code in the mailinabox daemon that updates the file. The following Pull request contains all changes necessary to add a second selector, which should give you an idea of the impact. Note that it also replaces opendkim with dkimpy, so it does more than necessary to add a selector.
If you don’t change the code, the maintenance code will overwrite the changes you make to the KeyTable file at least if something changes to the domains on the box.

  1. It said mail was rejected because sender must be authenticated using SPF or DKIM
  2. My DNS currently already has mail._domainkey... defined for another sender, DKIM will never pass
  3. I managed to add a custom selector and mails have been accepted by gmail
  4. What I need now is a proper solution

Regarding 2: you might be able to reuse the dkim keys? That is, use the same on both senders. But you might not want that, or perhaps your other sender is rotating keys?

So assuming you have it all working: your concern is the overwriting of the Keytable file? You can use a Keytable_new file by changing the configuration in /etc/opendkim.conf: ‘KeyTable refile:/etc/opendkim/KeyTable_new’
This change is (currently) not overwritten on a mainabox update.

If something changes in the Keytable file because you added or removed domains, you need to add them yourselves to the Keytable_new file.