Difference between revisions of "DKIM with postfix"
Line 38: | Line 38: | ||
Note: host.mydomain.com should be your actual hostname. | Note: host.mydomain.com should be your actual hostname. | ||
− | Set TXT record for your domain. | + | Set TXT record for your domain from the file '''/etc/opendkim/keys/mydomain.com/default.txt'''. |
Domain field: | Domain field: | ||
default._domainkey | default._domainkey | ||
Value field: | Value field: | ||
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDh3kJR4v0HW+sw5LmSPtM3uPeAZrwfU+yWkVk1AMyqSTRDO74JJCJl55gWSdB4+fGQ6uV5HvjvtKSHztJ+0jxrK0bOOeUgkIjsAqnk1xGPIO/YMp81zJneQ5Bli0crCsXDM3ipT73vUC/iuU1/R9uecB+aRszgZmoLQaDGK2WxjwIDAQAB | v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDh3kJR4v0HW+sw5LmSPtM3uPeAZrwfU+yWkVk1AMyqSTRDO74JJCJl55gWSdB4+fGQ6uV5HvjvtKSHztJ+0jxrK0bOOeUgkIjsAqnk1xGPIO/YMp81zJneQ5Bli0crCsXDM3ipT73vUC/iuU1/R9uecB+aRszgZmoLQaDGK2WxjwIDAQAB | ||
+ | |||
+ | Check TXT record: | ||
+ | dig +short default._domainkey.example.com TXT | ||
+ | |||
+ | [[Category:Linux]] |
Revision as of 16:14, 20 June 2014
Install DKIM
# yum install opendkim
Backup the original conf file.
# cp /etc/opendkim.conf{,.bak}
Open /etc/opendkim.conf and make it look like below:
AutoRestart Yes AutoRestartRate 10/1h LogWhy Yes Syslog Yes SyslogSuccess Yes Mode sv Canonicalization relaxed/simple ExternalIgnoreList refile:/etc/opendkim/TrustedHosts InternalHosts refile:/etc/opendkim/TrustedHosts KeyTable refile:/etc/opendkim/KeyTable SigningTable refile:/etc/opendkim/SigningTable SignatureAlgorithm rsa-sha256 Socket inet:8891@localhost PidFile /var/run/opendkim/opendkim.pid UMask 022 UserID opendkim:opendkim TemporaryDirectory /var/tmp
Generate keys
# mkdir /etc/opendkim/keys/example.com # opendkim-genkey -D /etc/opendkim/keys/example.com/ -d example.com -s default # chown -R opendkim: /etc/opendkim/keys/example.com # mv /etc/opendkim/keys/example.com/default.private /etc/opendkim/keys/example.com/default
Open the file /etc/opendkim/KeyTable and add the following lines but with your domain instead of example.com:
default._domainkey.example.com example.com:default:/etc/opendkim/keys/example.com/default
Open the file /etc/opendkim/SigningTable and add the following line:
*@example.com default._domainkey.example.com
Open the file /etc/opendkim/TrustedHosts and make sure you have:
127.0.0.1 mydomain.com host.mydomain.com
Note: host.mydomain.com should be your actual hostname.
Set TXT record for your domain from the file /etc/opendkim/keys/mydomain.com/default.txt. Domain field:
default._domainkey
Value field:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDh3kJR4v0HW+sw5LmSPtM3uPeAZrwfU+yWkVk1AMyqSTRDO74JJCJl55gWSdB4+fGQ6uV5HvjvtKSHztJ+0jxrK0bOOeUgkIjsAqnk1xGPIO/YMp81zJneQ5Bli0crCsXDM3ipT73vUC/iuU1/R9uecB+aRszgZmoLQaDGK2WxjwIDAQAB
Check TXT record:
dig +short default._domainkey.example.com TXT