DKIM: Difference between revisions
From DWIKI
m (→Checking) |
|||
Line 36: | Line 36: | ||
==opendkim: no signing table match for== | ==opendkim: no signing table match for== | ||
In opendkim.conf use: | In opendkim.conf use: | ||
refile:/etc/ | refile:/etc/opendkim/SigningTable | ||
==opendkim-testkey key not secure== | ==opendkim-testkey key not secure== | ||
Probably means you have no DNSSEC | Probably means you have no DNSSEC |
Revision as of 11:07, 22 May 2019
DomainKeys Identified Mail
Links
- dkim check
- DKIM and postfix
- Homepage
- http://www.opendkim.org/opendkim-README
- About DKIM
- DKIM with Sendmail
- https://wiki.debian.org/OpenDKIM
- http://www.myiptest.com/staticpages/index.php/DomainKeys-DKIM-SPF-Validator-test
Howto
cd /etc/opendkim/keys
The 'selector' you choose here does not have to be the actual selector used in DNS. It is just the name used for storing the .txt and .private files
opendkim-genkey -s somename -d domain.name
SigningTable
- somename is the first field in Keytable
*@domain.nl somename
KeyTable
Here the name of the selector is the one you publish in dns
lookupname domain.name:selectorname:/path/to/somename.private
Checking
opendkim-testkey -v
This will try to fetch the key published in DNS, so "record not found" means DNS record not found.
FAQ
opendkim: no signing table match for
In opendkim.conf use:
refile:/etc/opendkim/SigningTable
opendkim-testkey key not secure
Probably means you have no DNSSEC