Implementace DKIM do postfixu

sudo apt-get install opendkim opendkim-tools

do /etc/opendkim.conf

AutoRestart             Yes
AutoRestartRate         10/1h
UMask                   002
Syslog                  yes
SyslogSuccess           Yes
LogWhy                  Yes

Canonicalization        relaxed/simple

ExternalIgnoreList      refile:/etc/opendkim/TrustedHosts
InternalHosts           refile:/etc/opendkim/TrustedHosts
KeyTable                refile:/etc/opendkim/KeyTable
SigningTable            refile:/etc/opendkim/SigningTable

Mode                    sv
PidFile                 /var/run/opendkim/opendkim.pid
SignatureAlgorithm      rsa-sha256

UserID                  opendkim:opendkim

Socket                  inet:12301@localhost

do /etc/default/opendkim odkomentovat

SOCKET="inet:12301@localhost"

Do postfixu pridat miltery, /etc/postfix/main.cf

milter_protocol = 2
milter_default_action = accept

Dalsi tam bud jsou, takze pridame

smtpd_milters = unix:/spamass/spamass.sock, inet:localhost:12301
non_smtpd_milters = unix:/spamass/spamass.sock, inet:localhost:12301

Nebo nejsou, takze vytvorime

smtpd_milters = inet:localhost:12301
non_smtpd_milters = inet:localhost:12301
mkdir -p /etc/opendkim/keys

do /etc/opendkim/TrustedHosts

  127.0.0.1
  localhost
  192.168.0.1/24
  
  *.domena.com

do /etc/opendkim/KeyTable

nejakystring._domainkey.domena.com domena.com:nejakystring:/etc/opendkim/keys/domena.com/nejakystring.private

nejakystring je selector, libovolny.

do /etc/opendkim/SigningTable

  *@domena.com nejakystring._domainkey.domena.com
cd /etc/opendkim/keys
mkdir domena.com
cd domena.com
opendkim-genkey -s nejakystring -d domena.com -b 2048
chown opendkim:opendkim nejakystring.private

Z nejakystring.txt vzit “v=DKIM1; k=rsa; p=MIGf….” a pridat do DNS jako TXT zaznam. Pak reload DNS, postixu a opendkim a melo by to jet. Konotrla v logu nebo hlavicce.

 
linux/dkim.txt · Last modified: 2014/08/26 12:03 by kotrlik