The generator mounts a folder to /tmpto get it back on your host.
Once you have, this folder is re-mounted to /tmp and files are copied to /etc and permissions applied.
Have a look to https://github.com/tomav/docker-mailserver/blob/v2/target/start-mailserver.sh#L82-L95

Could you paste your docker-compose.yml and a tree ouput of your config directory.

You should not experience your issue. Perhaps we've missed something.

Thanks

The generator mounts a folder to /tmp to get it back on your host.
Once you have, this folder is re-mounted to /tmp and files are copied to /etc and permissions applied.

yes and that is not the problem. My problem is the content of /etc/opendkim/KeyTable:

mail._domainkey.example.org example.org:mail:/tmp/docker-mailserver/opendkim/keys/example.org/mail.private
should be
mail._domainkey.example.org example.org:mail:/etc/opendkim/keys/example.org/mail.private

otherwise it will always complain about permission issues since he tries to load the key from tmp and not from etc

I can confirm this issue.
My syslog tells me:

May  1 13:06:35 vps opendkim[463]: can't load key from /tmp/docker-mailserver/opendkim/keys/example.com/mail.private: Permission denied
May  1 13:06:35 vps opendkim[463]: F186B201FBF: error loading key 'mail._domainkey.example.com'

Why don't we edit the generate-dkim-config script to write the right path to the KeyTable file?

Why don't we edit the generate-dkim-config script to write the right path to the KeyTable file?

ups kinda missed that this is part of the docker-mailserver as well.
that is actually the better approach cheers!

Thanks @diiigle, well spotted!