When trying to validate DKIM key, the plugin will allways warn "insecure key", even if the key is validated correctly.
That's because the key has not been received with DNSSEC, and so it is "insecure".
To resolve this issue, one must add "TrustAnchorFile" configuration to /etc/opendkim.conf
Unfortunately, it seems like opendkim has not been compiled/configured with ubound (--with-unbound), so it cannot resolve DNSSEC and the warning will not go away.
May I suggest that next version of the plugin adresses this issue ? As a bonus, it would be awsome to be able to actually SIGN emails with openDKIM when using a signed dns zone for the domain (DNSSEC is not implemented within I-MSCP, but it's possible to make it work with a little bit of configuration...)