OpenDKIM Postfix & CentOS 5.5

2010 May 28
by Simon

Postfix configuration

Lines that need to be added to Postfix’s main.cf:

smtpd_milters           = inet:localhost:20209
non_smtpd_milters       = inet:localhost:20209
milter_protocol         = 2
milter_default_action   = accept

Starting OpenDKIM

You can now start OpenDKIM!

# service opendkim start

You will probably also want to make sure it starts on boot:

# chkconfig --level 2345 opendkim on

DKIM DNS entries

All being well, your mail should now be signed as it leaves, and incoming mail should be checked. The last step is to announce that you sign your mail and to publish the public part of the key.

Simply ‘cat’ the public part of the key and add everything up to and including the last quotes as a ‘txt’ entry to your zone file. If you are using some kind of web interface to edit your zone file you might need to remove the quotes altogether.

# cat default.txt
default._domainkey IN TXT "v=DKIM1; g=*; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHY7Zl+n3SUldTYRUEU1BErHkKN0Ya52gazp1R7FA7vN5RddPxW/sO9JVRLiWg6iAE4hxBp42YKfxOwEnxPADbBuiELKZ2ddxo2aDFAb9U/lp47k45u5i2T1AlEBeurUbdKh7Nypq4lLMXC2FHhezK33BuYR+3L7jxVj7FATylhwIDAQAB" ; ----- DKIM default for example.co

DKIM TXT tag quick reference

The record is a semicolon-separated list of tags. Where a tag takes multiple values, they are separated by colons.

v = (DKIM version: 'v=DKIM1')
g = (granularity, defines a match for the left hand side of the '@')
h = (hash algorithm: 'sha1' 'sha256')
k = (key type: 'rsa')
n = (notes)
p = (public key)
s = (service type: 'email')
t = (flags: 'y' 's')
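
Before publishing, it is worth checking what the record actually announces. The Python below is an added example, not part of the original guide or of OpenDKIM: it parses the tags listed above, decodes the p= value far enough to read the RSA modulus size, and reports tags worth a second look. The function names are this example's own, and the findings rest on RFC 6376 (which dropped g=) and RFC 8301 (which recommends RSA keys of at least 2048 bits).

```python
import base64

# The record from the guide's default.txt, quotes and zone-file comment removed.
PAGE_RECORD = (
    "v=DKIM1; g=*; k=rsa; p="
    "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHY7Zl+n3SUldTYRUEU1BErHkKN0Ya52gazp1R7FA7"
    "vN5RddPxW/sO9JVRLiWg6iAE4hxBp42YKfxOwEnxPADbBuiELKZ2ddxo2aDFAb9U/lp47k45u5i2T1Al"
    "EBeurUbdKh7Nypq4lLMXC2FHhezK33BuYR+3L7jxVj7FATylhwIDAQAB"
)

def _tlv(buf, pos):
    """Read one DER element at pos; return (tag, value_start, value_end)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the count of length bytes
        end = pos + (length & 0x7F)
        length, pos = int.from_bytes(buf[pos:end], "big"), end
    return tag, pos, pos + length

def rsa_bits(spki):
    """Modulus size in bits of a DER SubjectPublicKeyInfo holding an RSA key."""
    _, start, _ = _tlv(spki, 0)            # outer SEQUENCE
    _, _, alg_end = _tlv(spki, start)      # AlgorithmIdentifier (skipped)
    tag, start, _ = _tlv(spki, alg_end)    # BIT STRING wrapping RSAPublicKey
    if tag != 0x03:
        raise ValueError("p= is not a SubjectPublicKeyInfo")
    _, start, _ = _tlv(spki, start + 1)    # +1 skips the unused-bits octet
    _, start, end = _tlv(spki, start)      # INTEGER modulus
    return int.from_bytes(spki[start:end], "big").bit_length()

def parse_tags(txt):
    """Split 'tag=value; tag=value' into a dict, dropping folding whitespace."""
    pairs = (part.split("=", 1) for part in txt.split(";") if "=" in part)
    return {k.strip(): "".join(v.split()) for k, v in pairs}

def audit(txt):
    """Return a list of findings for one DKIM key record."""
    tags, findings = parse_tags(txt), []
    if "g" in tags:
        findings.append("g= present: dropped from DKIM in RFC 6376")
    if "y" in tags.get("t", "").split(":"):
        findings.append("t=y: domain is still in testing mode")
    if not tags.get("p"):
        findings.append("p= empty: key is revoked")
    elif tags.get("k", "rsa") == "rsa":
        bits = rsa_bits(base64.b64decode(tags["p"]))
        if bits < 2048:
            findings.append(f"RSA key is {bits} bits: RFC 8301 recommends 2048+")
    return findings
```

Calling audit(PAGE_RECORD) returns two findings for the record shown in this guide: the g= tag and the 1024-bit key.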

Finally add a DKIM ADSP record which should look something like this:

_adsp._domainkey.example.com    IN    TXT    "dkim=unknown"

Sendmail’s DKIM tools linked at the start of this guide can help you create an ADSP record.
This Calmblue guide by Simon Bell is licensed under a Creative Commons Attribution-Share Alike 2.0 UK: England & Wales License
