Setup OpenDKIM With Postfix On Linux

This guide is going to work off the assumption that you already have a functional email server running with postfix on your server. This guide will show you how to setup OpenDKIM with postfix on a linux server

yum install epel-release
yum install opendkim

 

Now that opendkim is installed, you need to generate the dkim keys that you need to use to sign the emails with. There are multiple ways to do this. You can do it through the command line or you can use this service http://dkimcore.org/tools/keys.html.

mkdir /etc/opendkim/keys/example.com
chown -R opendkim:opendkim /etc/opendkim/keys/example.com
touch /etc/opendkim/keys/example.com/default

Open up this directory and open the file called “default”. Paste your private key into this file. For safe keeping you could also create another file called “public.txt” and pop the public key into this file so you can access it in the future if you need it.

Sometimes default permissions dont get correctly set. In the event that this happens run the following. There is no harm just running this query anyway.

chown -R opendkim:opendkim /etc/opendkim
chmod -R go-wrx /etc/opendkim/keys

Open up “/etc/opendkim.conf” and replace everything with the following

AutoRestart Yes
AutoRestartRate 10/1h
Canonicalization relaxed/simple
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
KeyTable refile:/etc/opendkim/KeyTable
LogWhy Yes
Mode sv
PidFile /var/run/opendkim/opendkim.pid
SignatureAlgorithm rsa-sha256
SigningTable refile:/etc/opendkim/SigningTable
Socket inet:8891@localhost
Syslog Yes
SyslogSuccess Yes
TemporaryDirectory /var/tmp
UMask 022
UserID opendkim:opendkim

You now need to add a key to the keytable. This file is located in /etc/opendkim/keytable

default._domainkey.example.com example.com:default:/etc/opendkim/keys/example.com/default

You will also need to add a line to the signing table.
If the file doesnt exist, create it. “/etc/opendkim/SigningTable”

*@example.com default._domainkey.example.com

Open or create “/etc/opendkim/TrustedHosts” and add the following.

127.0.0.1
hostname1.example1.com
example1.com
hostname1.example2.com
example2.com

Add the following to your postfix main.cf file. This will instruct postfix to sign the emails with the DKIM key you setup.

smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = $smtpd_milters
milter_default_action = accept
milter_protocol = 2

Thats all thats needed. Now run opendkim and restart postfix and you should be good to go.

service opendkim start
service postfix restart

 

Related Articles

Related Questions

How to Handle Unexpected 24/7 On-Call Duties?

I just got a new job and was surprised to learn that I'm expected to do 24/7 on-call support for the C-suite for one...

How can I access my old HDD on a new Windows 10 PC?

I built a new PC a couple of years ago, reusing some components from my old Windows 10 machine. Unfortunately, the external drive I...

How Can I Successfully Scrape Amazon Reviews Without Getting Blocked?

Hey folks! I'm having some serious trouble scraping reviews from Amazon using ScraperAPI, but it keeps getting blocked. Does anyone have suggestions on how...

1 COMMENT

  1. Hello, thanks for the detailed write up. I just tried this out, but after implementation I get this error SMTP Error: [451] 4.7.0 resource unavailable

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Tools

Scavenger Hunt Team Randomizer

Planning a scavenger hunt and need to split participants into random teams? Whether you're organizing a school activity, a corporate team-building event, or a...

File Hash Generator Online – Get Instant MD5 and SHA-256 Hashes

Whether you are validating downloads, checking for corruption, or comparing files for duplicates, having a fast and secure way to generate file hashes is...

Visual CSS Editor for Modern Glass UI Effects

Modern UI design is all about clean, layered aesthetics, and few styles deliver this better than glassmorphism. If you're designing sleek user interfaces and...

Fast and Accurate Tap BPM Counter – Free Web Tool

Whether you're producing music, DJing live, or just figuring out the tempo of a song, knowing the BPM (beats per minute) can be critical....

Glassmorphism CSS Generator with Live Preview

Glassmorphism is one of the most visually striking design trends in modern UI. Its soft, frosted-glass effect adds depth and elegance to web interfaces,...

Add Custom Speech and Caption Boxes to Any Image Online

Creating comic-style images used to require complex design tools or specialist software. Whether you're making memes, teaching graphics, social media posts or lighthearted content,...

Latest Posts

Latest Questions