DKIM: Difference between revisions

From DWIKI
Line 13: Line 13:
=Howto=
=Howto=
  cd /etc/opendkim/keys
  cd /etc/opendkim/keys
  opendkim-genkey  
 
The 'selector' you choose here does not have to be the actual selector used in DNS. It is just the name used for storing the .txt and .private files
  opendkim-genkey -s somename -d domain.name
 
==SigningTable==
#somename is the first field in Keytable
 
*@domain.nl somename
 
==KeyTable==
Here the name of the selector is the one you publish in dns
lookupname domain.name:selectorname:/path/to/somename.private
 
 
=Checking=
opendkim-testkey -v
 
This will try to fetch the key published in DNS!
 
=FAQ=
=FAQ=
==opendkim: no signing table match for==
==opendkim: no signing table match for==

Revision as of 15:36, 11 March 2019

DomainKeys Identified Mail

Links

Howto

cd /etc/opendkim/keys

The 'selector' you choose here does not have to be the actual selector used in DNS. It is just the name used for storing the .txt and .private files

opendkim-genkey -s somename -d domain.name

SigningTable

  1. somename is the first field in Keytable
*@domain.nl somename

KeyTable

Here the name of the selector is the one you publish in dns

lookupname domain.name:selectorname:/path/to/somename.private


Checking

opendkim-testkey -v

This will try to fetch the key published in DNS!

FAQ

opendkim: no signing table match for

In opendkim.conf use:

refile:/etc/opendkik/SigningTable


opendkim-testkey key not secure

Probably means you have no DNSSEC