Anonymous
×
Create a new article
Write your page title here:
We currently have 28 articles on PhenixOps. Type your article name above or click on one of the titles below and start writing!



PhenixOps
28Articles

To setup open dkim a couple of steps have to be made to install and configure the service and get it running. The example domain is noordwijk.nl, change it to yours.

First, get the package installed, using debian as OS here.
sudo apt-get install opendkim

Create some dirs and set ownership
mkdir /etc/dkimkeys chown opendkim.opendkim /etc/dkimkeys

A key needs to be generated per domain
sudo -u opendkim opendkim-genkey -D /etc/dkimkeys -d noordwijk.nl -s 2020

Domain                  noordwijk.nl
Selector                2020
KeyFile                 /etc/dkimkeys/2020.private
Socket                  inet:8891@localhost

Make a backup of the original config
cp -rp /etc/postfix/main.cf /etc/postfix/main.cf_bak

Add the new config parts
vi /etc/postfix/main.cf

smtpd_milters = inet:localhost:8891
non_smtpd_milters = $smtpd_milters


Restart services to activate
systemctl restart opendkim systemctl restart postfix

Following text record needs to go into the DNS Zonefile
user@host:~# cat /etc/dkimkeys/2020.txt

2020._domainkey IN      TXT     ( "v=DKIM1; k=rsa; "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqcS4IGfYnGeToHq7lziTCithEA5esxonnQjtp8hbVSGNDXeAAXQvdzg34QkpS/GCtsRa28XmnTw451dUDei/IE3CUrVet4SaYurERKzpwoBHyAMGCQgqgUzhGXpAOcL50XHXTtjZ9h1rdwyfTlg9YNosXrEXyF7Rt5YJOa/n3UQIDAQAB" )  ; ----- DKIM key 2020 for noordwijk.nl


Put the keys in the keytable
vi /etc/dkimkeys/keytable

2020._domainkey.noordwijk.nl noordwijk.nl:2020:/etc/dkimkeys/2020.private
2022._domainkey.lostlemon.nl lostlemon.nl:2022:/etc/dkimkeys/2022.private


Create the signingtable
vi /etc/dkimkeys/signingtable

*@lostlemon.nl 2022._domainkey.lostlemon.nl
*@test03lostlemon.nl 2022._domainkey.lostlemon.nl
*@noordwijk.nl 2020._domainkey.noordwijk.nl


Decide which hosts are allowed, localhost has to be included!
vi /etc/dkimkeys/trustedhosts

127.0.0.1/8
85.90.72.92/27
172.16.1.1/24


Have OpenDkim allowing domains
vi /etc/opendkim/opendkim.conf

KeyTable file:/etc/dkimkeys/keytable
SigningTable refile:/etc/dkimkeys/signingtable 
InternalHosts refile:/etc/dkimkeys/trustedhosts


E-Mail
SystemAdministration