1 Download and install OpenDKIM
yum install openssl-devel opendkim
mkdir -p /etc/opendkim/keys/efa.org/
cd /etc/opendkim/keys/efa.org/
opendkim-genkey -s efa
/etc/opendkim.conf
6 first line to check:
Mode sv
7 Then look for the word Socket inet=. If it exists, it looks good.
Now find the lines below and uncomment them by removing the # in front of each line.
SendReports yes
ReportAddress "efa.org Postmaster <postmaster@efa.org>"
SoftwareHeader yes
Canonicalization relaxed/simple
KeyTable /etc/opendkim/KeyTable
SigningTable refile:/etc/opendkim/SigningTable
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
save the file now
8 next, edit /etc/opendkim/KeyTable
so open the file /etc/opendkim/KeyTable with nano or vi
add this line to the end:
efa._domainkey.efa.org efa.org:efa:/etc/opendkim/keys/efa.org/efa.private
9 now edit /etc/opendkim/SigningTable
again open the file /etc/opendkim/SigningTable with nano or vi
add this at the end of the file
*@efa.org efa._domainkey.efa.org
10 edit /etc/opendkim/TrustedHosts
so open the file /etc/opendkim/TrustedHosts with vi or nano
and add this to the end
mail.efa.org
192.168.4.5/32
192.168.4.5/32 is your exchange ip / or internal mail server
11 edit /etc/postfix/main.cf
again open the file /etc/postfix/main.cf with nano or vi
Go to the very end of the file, find the line that starts with smtpd_milters = inet:127.0.0.1:8891 inet:127.0.0.1:33333 and remove everything below it, then paste the lines below:
smtpd_milters = inet:127.0.0.1:8891 inet:127.0.0.1:33333
message_size_limit = 133169152
qmqpd_authorized_clients = 127.0.0.1 [::1]
enable_long_queue_ids = yes
non_smtpd_milters = inet:127.0.0.1:8891
milter_default_action = tempfail
milter_protocol = 2
error_notice_recipient = root@$myhostname
restart postfix
sudo systemctl restart postfix
11 Adding DNS Records
Strangely enough, this is the part that gave me the most trouble as I wasn't putting in the text records correctly.
Display the generated key record:
cat /etc/opendkim/keys/<YOURDOMAIN>/default.txt
default._domainkey IN TXT "v=DKIM1; g=*; k=rsa; p=7k45u5i2T1AlEBeurUbdKh7Nypq4lLMXC2FHhezK33BuYR+3L7jxVj7FATylhwIDAQABMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHY7Zl+n3SUldTYRUEU1BErHkKN0Ya52gazp1R7FA7vN5RddPxW/sO9JVRLiWg6iAE4hxBp42YKfxOwEnxPADbBuiELKZ2ddxo2aDFAb9U/lp4" ; ----- DKIM default for example.com
default._domainkey
your DNS record value is
v=DKIM1; g=*; k=rsa; p=7k45u5i2T1AlEBeurUbdKh7Nypq4lLMXC2FHhezK33BuYR+3L7jxVj7FATylhwIDAQABMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHY7Zl+n3SUldTYRUEU1BErHkKN0Ya52gazp1R7FA7vN5RddPxW/sO9JVRLiWg6iAE4hxBp42YKfxOwEnxPADbBuiELKZ2ddxo2aDFAb9U/lp4
I have an issue
Jan 29 00:55:05 relay opendkim[6300]: can't load key from /etc/opendkim/keys/domain.com/domain.private: Permission denied
sudo chown opendkim /etc/opendkim/keys/domain.com/domain.private
Now your OpenDKIM is configured and signs outgoing emails.
If you have any questions, let us know.
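
For the "Adding DNS Records" step above: an added example (not part of the original post, and not OpenDKIM's own code) that turns the zone-file line written by opendkim-genkey into the record name and the single value to paste into a DNS provider, then sanity-checks that value. It goes beyond the one-string record shown in the post by also handling the parenthesised multi-string form. The function names and the sample key are constructed for illustration.

```python
import base64
import re

# Constructed placeholder, not a real RSA key; "efa" is the selector used on this page.
SAMPLE_P = base64.b64encode(b"constructed placeholder bytes, not a real RSA key").decode()
SAMPLE_TXT = (
    'efa._domainkey\tIN\tTXT\t( "v=DKIM1; k=rsa; "\n'
    f'\t  "p={SAMPLE_P[:20]}"\n'
    f'\t  "{SAMPLE_P[20:]}" )  ; ----- DKIM key efa for efa.org\n'
)

def dkim_record_from_genkey(text):
    """Return (record name, TXT value) from opendkim-genkey's zone-file output."""
    # Only the quoted strings are the value. IN, TXT, the parentheses and the
    # trailing "; -----" comment are zone-file syntax and must not reach DNS.
    chunks = re.findall(r'"([^"]*)"', text)
    if not chunks:
        raise ValueError("no quoted strings found in key record")
    return text.split()[0], "".join(chunks)

def check_dkim_value(value):
    """Return a list of problems with a value about to be pasted into DNS."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)          # keep base64 '=' padding in val
            tags[key.strip()] = "".join(val.split())
    problems = []
    if tags.get("v") != "DKIM1":
        problems.append("v= tag must be DKIM1")
    if not tags.get("p"):
        problems.append("p= tag is missing or empty")
    else:
        try:
            base64.b64decode(tags["p"], validate=True)
        except ValueError:
            problems.append("p= is not valid base64 (truncated or mangled paste)")
    return problems

if __name__ == "__main__":
    name, value = dkim_record_from_genkey(SAMPLE_TXT)
    print("name :", name)
    print("value:", value)
    print("problems:", check_dkim_value(value) or "none")
```

To check a real record, pass the contents of the .txt file that opendkim-genkey wrote to dkim_record_from_genkey().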