OpenDKIM Postfix & Centos

Posted on May 28, 2010 by Simon

Installing OpenDKIM from source on CentOS 5.5 to sign and verify emails with Postfix

This guide assumes you have CentOS 5.5 installed, a  working Postfix configuration and that you would like to sign mail for more than one domain. It was carried out with the following software versions:

  • Postfix 2.3.3
  • OpenDKIM 2.0.4
  • Sendmail (sources) 8.13.8
  • OpenSSL 0.9.8e

Important links:

Install other necessary software

# yum install sendmail-devel
# yum install openssl-devel

If you want to know exactly where the files belonging to a package are (OpenDKIM’s compiler should find them automatically):

# rpm -ql sendmail-devel
/usr/include/libmilter
/usr/include/libmilter/mfapi.h
/usr/include/libmilter/mfdef.h
/usr/lib/libmilter.a
/usr/lib/libsm.a
/usr/lib/libsmutil.a

Installing OpenDKIM

Download then extract OpenDKIM. Change to the extracted direcotry and run configure, make and then, as root, make install

$ tar -xzvf opendkim-2.0.4.tar.gz
$ cd opendkim
$./configure
$ make
$ su -
# make install
Pages: 1 2 3 4
This entry was posted in Guides, Server and tagged , , , , , . Bookmark the permalink.

6 Responses to OpenDKIM Postfix & Centos

  1. K says:
    October 6, 2010 at 4:54 pm

    Hi Simon,

    Thanks a lot for the great post this made it very easy to setup, the only thing confusing me at present and thats the

    _adsp._domainkey.example.com IN TXT “dkim=unknown”

    I’ve sent test emails to autorespond+dkim[at]dk.elandsys.com, and it comes back with

    DKIM Signature validation: DKIM-Signature could not be verified DKIM Author Domain Signing Practices: no DNS record for _adsp._domainkey.accepted.co.uk

    Do you have any idea on how to fix this, or what I might be missing?

    Thanks

  2. Simon says:
    October 6, 2010 at 8:30 pm

    Hi Kevin, glad you found the post useful :) It’s going to be hard for me to help you with out more info. Can I recommend you join the OpenDKIM mailing list. I’m there plus others who are even more qualified to help.

    Try mailing check-auth at verifier.port25 dot com too, then mail all relevant info to the mailing list

  3. K says:
    October 7, 2010 at 3:06 pm

    My Simon, This was a simple mistake my end, I had not setup the adsp entry in the DNS correctly.

  4. Simon says:
    October 7, 2010 at 3:10 pm

    Cheers for following up, happy signing.

  5. Thomas says:
    August 31, 2011 at 9:17 pm

    I used this to get DKIM up and going for our Marketing MTAs. Amazing work. I would say one thing that might answer someones random question. If you are signing lots of mail across a few MTAs do not use a DB for OpenDkim it will slow you down. WAY WAY down. Great work here tho.
    Cheerio

  6. Simon says:
    September 1, 2011 at 6:53 am

    Thanks for the tip :)

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>