- [Show pagesource]
- [Old revisions]
- [[unknown link type]]
- []
Implementace DKIM do postfixu
sudo apt-get install opendkim opendkim-tools
do /etc/opendkim.conf
AutoRestart Yes AutoRestartRate 10/1h UMask 002 Syslog yes SyslogSuccess Yes LogWhy Yes Canonicalization relaxed/simple ExternalIgnoreList refile:/etc/opendkim/TrustedHosts InternalHosts refile:/etc/opendkim/TrustedHosts KeyTable refile:/etc/opendkim/KeyTable SigningTable refile:/etc/opendkim/SigningTable Mode sv PidFile /var/run/opendkim/opendkim.pid SignatureAlgorithm rsa-sha256 UserID opendkim:opendkim Socket inet:12301@localhost
do /etc/default/opendkim odkomentovat
SOCKET="inet:12301@localhost"
Do postfixu pridat miltery, /etc/postfix/main.cf
milter_protocol = 2 milter_default_action = accept
Dalsi tam bud jsou, takze pridame
smtpd_milters = unix:/spamass/spamass.sock, inet:localhost:12301 non_smtpd_milters = unix:/spamass/spamass.sock, inet:localhost:12301
Nebo nejsou, takze vytvorime
smtpd_milters = inet:localhost:12301 non_smtpd_milters = inet:localhost:12301
mkdir -p /etc/opendkim/keys
do /etc/opendkim/TrustedHosts
127.0.0.1 localhost 192.168.0.1/24 *.domena.com
do /etc/opendkim/KeyTable
nejakystring._domainkey.domena.com domena.com:nejakystring:/etc/opendkim/keys/domena.com/nejakystring.private
nejakystring je selector, libovolny.
do /etc/opendkim/SigningTable
*@domena.com nejakystring._domainkey.domena.com
cd /etc/opendkim/keys mkdir domena.com cd domena.com
opendkim-genkey -s nejakystring -d domena.com -b 2048 chown opendkim:opendkim nejakystring.private
Z nejakystring.txt vzit “v=DKIM1; k=rsa; p=MIGf….” a pridat do DNS jako TXT zaznam. Pak reload DNS, postixu a opendkim a melo by to jet. Konotrla v logu nebo hlavicce.
linux/dkim.txt · Last modified: 2014/08/26 12:03 by kotrlik