This guide is going to work off the assumption that you already have a functional email server running with postfix on your server. This guide will show you how to setup OpenDKIM with postfix on a linux server
yum install epel-release yum install opendkim
Now that opendkim is installed, you need to generate the dkim keys that you need to use to sign the emails with. There are multiple ways to do this. You can do it through the command line or you can use this service http://dkimcore.org/tools/keys.html.
mkdir /etc/opendkim/keys/example.com chown -R opendkim:opendkim /etc/opendkim/keys/example.com touch /etc/opendkim/keys/example.com/default
Open up this directory and open the file called “default”. Paste your private key into this file. For safe keeping you could also create another file called “public.txt” and pop the public key into this file so you can access it in the future if you need it.
Sometimes default permissions dont get correctly set. In the event that this happens run the following. There is no harm just running this query anyway.
chown -R opendkim:opendkim /etc/opendkim chmod -R go-wrx /etc/opendkim/keys
Open up “/etc/opendkim.conf” and replace everything with the following
AutoRestart Yes AutoRestartRate 10/1h Canonicalization relaxed/simple ExternalIgnoreList refile:/etc/opendkim/TrustedHosts InternalHosts refile:/etc/opendkim/TrustedHosts KeyTable refile:/etc/opendkim/KeyTable LogWhy Yes Mode sv PidFile /var/run/opendkim/opendkim.pid SignatureAlgorithm rsa-sha256 SigningTable refile:/etc/opendkim/SigningTable Socket inet:[email protected] Syslog Yes SyslogSuccess Yes TemporaryDirectory /var/tmp UMask 022 UserID opendkim:opendkim
You now need to add a key to the keytable. This file is located in /etc/opendkim/keytable
You will also need to add a line to the signing table.
If the file doesnt exist, create it. “/etc/opendkim/SigningTable”
Open or create “/etc/opendkim/TrustedHosts” and add the following.
127.0.0.1 hostname1.example1.com example1.com hostname1.example2.com example2.com
Add the following to your postfix main.cf file. This will instruct postfix to sign the emails with the DKIM key you setup.
smtpd_milters = inet:127.0.0.1:8891 non_smtpd_milters = $smtpd_milters milter_default_action = accept milter_protocol = 2
Thats all thats needed. Now run opendkim and restart postfix and you should be good to go.
service opendkim start service postfix restart