DKIM: Difference between revisions
From DWIKI
m (→Howto) |
|||
Line 13: | Line 13: | ||
=Howto= | =Howto= | ||
cd /etc/opendkim/keys | cd /etc/opendkim/keys | ||
opendkim-genkey | |||
The 'selector' you choose here does not have to be the actual selector used in DNS. It is just the name used for storing the .txt and .private files | |||
opendkim-genkey -s somename -d domain.name | |||
==SigningTable== | |||
#somename is the first field in Keytable | |||
*@domain.nl somename | |||
==KeyTable== | |||
Here the name of the selector is the one you publish in dns | |||
lookupname domain.name:selectorname:/path/to/somename.private | |||
=Checking= | |||
opendkim-testkey -v | |||
This will try to fetch the key published in DNS! | |||
=FAQ= | =FAQ= | ||
==opendkim: no signing table match for== | ==opendkim: no signing table match for== |
Revision as of 15:36, 11 March 2019
DomainKeys Identified Mail
Links
- dkim check
- DKIM and postfix
- Homepage
- http://www.opendkim.org/opendkim-README
- About DKIM
- DKIM with Sendmail
- https://wiki.debian.org/OpenDKIM
- http://www.myiptest.com/staticpages/index.php/DomainKeys-DKIM-SPF-Validator-test
Howto
cd /etc/opendkim/keys
The 'selector' you choose here does not have to be the actual selector used in DNS. It is just the name used for storing the .txt and .private files
opendkim-genkey -s somename -d domain.name
SigningTable
- somename is the first field in Keytable
*@domain.nl somename
KeyTable
Here the name of the selector is the one you publish in dns
lookupname domain.name:selectorname:/path/to/somename.private
Checking
opendkim-testkey -v
This will try to fetch the key published in DNS!
FAQ
opendkim: no signing table match for
In opendkim.conf use:
refile:/etc/opendkik/SigningTable
opendkim-testkey key not secure
Probably means you have no DNSSEC