Anonymous
×
Create a new article
Write your page title here:
We currently have 27 articles on PhenixOps. Type your article name above or click on one of the titles below and start writing!



PhenixOps
27Articles

OpenDkim: Difference between revisions

No edit summary
No edit summary
 
(13 intermediate revisions by the same user not shown)
Line 1: Line 1:
To setup open dkim a couple of steps have to be made to install and configure the service and get it running. The example domain is noordwijk.nl, change it to yours.
To setup open dkim a couple of steps have to be made to install and configure the service and get it running. The example domain is noordwijk.nl, change it to yours.<br>
---
 
First, get the package installed, using debian as OS here. <br>
<code>
sudo apt-get install opendkim
</code>
<br>
 
Create some dirs and set ownership <br>
<code>
mkdir /etc/dkimkeys
mkdir /etc/dkimkeys
chown opendkim.opendkim /etc/dkimkeys
chown opendkim.opendkim /etc/dkimkeys
</code>
<br>


 
A key needs to be generated per domain<br>
<code>
<code>
sudo -u opendkim opendkim-genkey -D /etc/dkimkeys -d noordwijk.nl -s 2020
sudo -u opendkim opendkim-genkey -D /etc/dkimkeys -d noordwijk.nl -s 2020
 
</code>
<pre>
Domain                  noordwijk.nl
Domain                  noordwijk.nl
Selector                2020
Selector                2020
KeyFile                /etc/dkimkeys/2020.private
KeyFile                /etc/dkimkeys/2020.private
Socket                  inet:8891@localhost
Socket                  inet:8891@localhost
</pre>


Make a backup of the original config<br>
<code>
cp -rp /etc/postfix/main.cf /etc/postfix/main.cf_bak
cp -rp /etc/postfix/main.cf /etc/postfix/main.cf_bak
</code><br>


Add the new config parts<br>
<code>
vi /etc/postfix/main.cf
vi /etc/postfix/main.cf
</code>
<pre>
smtpd_milters = inet:localhost:8891
smtpd_milters = inet:localhost:8891
non_smtpd_milters = $smtpd_milters
non_smtpd_milters = $smtpd_milters
 
</pre><br>
Restart services to activate<br>
<code>
systemctl restart opendkim
systemctl restart opendkim
</code>
</code>
<code>
systemctl restart postfix
</code><br>
Following text record needs to go into the DNS Zonefile<br>
<code>user@host:~# cat /etc/dkimkeys/2020.txt</code><br>
<pre>
2020._domainkey IN      TXT    ( "v=DKIM1; k=rsa; "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqcS4IGfYnGeToHq7lziTCithEA5esxonnQjtp8hbVSGNDXeAAXQvdzg34QkpS/GCtsRa28XmnTw451dUDei/IE3CUrVet4SaYurERKzpwoBHyAMGCQgqgUzhGXpAOcL50XHXTtjZ9h1rdwyfTlg9YNosXrEXyF7Rt5YJOa/n3UQIDAQAB" )  ; ----- DKIM key 2020 for noordwijk.nl
</pre><br>
Put the keys in the keytable<br>
<code>
vi /etc/dkimkeys/keytable
</code><br>
<pre>
2020._domainkey.noordwijk.nl noordwijk.nl:2020:/etc/dkimkeys/2020.private
2022._domainkey.lostlemon.nl lostlemon.nl:2022:/etc/dkimkeys/2022.private
</pre><br>


Following text record needs to go into the DNS Zonefile
Create the signingtable<br>
<code>
vi /etc/dkimkeys/signingtable
</code><br>
<pre>
*@lostlemon.nl 2022._domainkey.lostlemon.nl
*@test03lostlemon.nl 2022._domainkey.lostlemon.nl
*@noordwijk.nl 2020._domainkey.noordwijk.nl
</pre>
<br>


<code>user@host:~# cat /etc/dkimkeys/2020.txt</code>
Decide which hosts are allowed, localhost has to be included!<br>
<code>
vi /etc/dkimkeys/trustedhosts
</code><br>
<pre>
127.0.0.1/8
85.90.72.92/27
172.16.1.1/24
</pre><br>


Have OpenDkim allowing domains<br>
<code>
<code>
vi /etc/opendkim/opendkim.conf
</code><br>
<pre>
KeyTable file:/etc/dkimkeys/keytable
SigningTable refile:/etc/dkimkeys/signingtable
InternalHosts refile:/etc/dkimkeys/trustedhosts
</pre><br>
[[E-Mail]] <br>
[[SystemAdministration]] <br>


2020._domainkey IN      TXT    ( "v=DKIM1; k=rsa; "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqcS4IGfYnGeToHq7lziTCithEA5esxonnQjtp8hbVSGNDXeAAXQvdzg34QkpS/GCtsRa28XmnTw451dUDei/IE3CUrVet4SaYurERKzpwoBHyAMGCQgqgUzhGXpAOcL50XHXTtjZ9h1rdwyfTlg9YNosXrEXyF7Rt5YJOa/n3UQIDAQAB" )  ; ----- DKIM key 2020 for noordwijk.nl
[[Category:E-Mail]] <br>
</code>
[[Category:SystemAdministration]] <br>

Latest revision as of 13:49, 6 May 2020

To setup open dkim a couple of steps have to be made to install and configure the service and get it running. The example domain is noordwijk.nl, change it to yours.

First, get the package installed, using debian as OS here.
sudo apt-get install opendkim

Create some dirs and set ownership
mkdir /etc/dkimkeys chown opendkim.opendkim /etc/dkimkeys

A key needs to be generated per domain
sudo -u opendkim opendkim-genkey -D /etc/dkimkeys -d noordwijk.nl -s 2020

Domain                  noordwijk.nl
Selector                2020
KeyFile                 /etc/dkimkeys/2020.private
Socket                  inet:8891@localhost

Make a backup of the original config
cp -rp /etc/postfix/main.cf /etc/postfix/main.cf_bak

Add the new config parts
vi /etc/postfix/main.cf

smtpd_milters = inet:localhost:8891
non_smtpd_milters = $smtpd_milters


Restart services to activate
systemctl restart opendkim systemctl restart postfix

Following text record needs to go into the DNS Zonefile
user@host:~# cat /etc/dkimkeys/2020.txt

2020._domainkey IN      TXT     ( "v=DKIM1; k=rsa; "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqcS4IGfYnGeToHq7lziTCithEA5esxonnQjtp8hbVSGNDXeAAXQvdzg34QkpS/GCtsRa28XmnTw451dUDei/IE3CUrVet4SaYurERKzpwoBHyAMGCQgqgUzhGXpAOcL50XHXTtjZ9h1rdwyfTlg9YNosXrEXyF7Rt5YJOa/n3UQIDAQAB" )  ; ----- DKIM key 2020 for noordwijk.nl


Put the keys in the keytable
vi /etc/dkimkeys/keytable

2020._domainkey.noordwijk.nl noordwijk.nl:2020:/etc/dkimkeys/2020.private
2022._domainkey.lostlemon.nl lostlemon.nl:2022:/etc/dkimkeys/2022.private


Create the signingtable
vi /etc/dkimkeys/signingtable

*@lostlemon.nl 2022._domainkey.lostlemon.nl
*@test03lostlemon.nl 2022._domainkey.lostlemon.nl
*@noordwijk.nl 2020._domainkey.noordwijk.nl


Decide which hosts are allowed, localhost has to be included!
vi /etc/dkimkeys/trustedhosts

127.0.0.1/8
85.90.72.92/27
172.16.1.1/24


Have OpenDkim allowing domains
vi /etc/opendkim/opendkim.conf

KeyTable file:/etc/dkimkeys/keytable
SigningTable refile:/etc/dkimkeys/signingtable 
InternalHosts refile:/etc/dkimkeys/trustedhosts


E-Mail
SystemAdministration