Difference between revisions of "DKIM"

From DWIKI
⧼monobook-jumptonavigation⧽⧼monobook-jumptosearch⧽
Line 12: Line 12:
 
*[https://www.linode.com/docs/email/postfix/configure-spf-and-dkim-in-postfix-on-debian-9/ SPF and DKIM on Debian]
 
*[https://www.linode.com/docs/email/postfix/configure-spf-and-dkim-in-postfix-on-debian-9/ SPF and DKIM on Debian]
  
=Howto=
+
=OpenDKIM Howto=
 
  cd /etc/opendkim/keys
 
  cd /etc/opendkim/keys
  
 
The 'selector' you choose here does not have to be the actual selector used in DNS. It is just the name used for storing the .txt and .private files
 
The 'selector' you choose here does not have to be the actual selector used in DNS. It is just the name used for storing the .txt and .private files
 
  opendkim-genkey -s somename -d domain.name
 
  opendkim-genkey -s somename -d domain.name
 +
Make sure the key ends up in /etc/opendkim/keys and is readable for user opendkim
  
 
==SigningTable==
 
==SigningTable==

Revision as of 09:31, 20 September 2019

DomainKeys Identified Mail

Links

OpenDKIM Howto

cd /etc/opendkim/keys

The 'selector' you choose here does not have to be the actual selector used in DNS. It is just the name used for storing the .txt and .private files

opendkim-genkey -s somename -d domain.name

Make sure the key ends up in /etc/opendkim/keys and is readable for user opendkim

SigningTable

  1. somename is the first field in Keytable
*@domain.nl somename

KeyTable

Here the name of the selector is the one you publish in dns

somename domain.name:selectorname:/path/to/somename.private

Checking

opendkim-testkey -v

This will try to fetch the key published in DNS, so "record not found" means DNS record not found.

FAQ

opendkim: no signing table match for

In opendkim.conf use:

refile:/etc/opendkim/SigningTable

opendkim-testkey key not secure

Probably means you have no DNSSEC