DKIM with Postfix – My Multiple Site Setup

I honestly can’t remember where I originally got my setup from. This is a pretty good tutorial though.

My /etc/opendkim.conf:

AutoRestart             Yes
AutoRestartRate         10/1h
Canonicalization        relaxed/simple
ExternalIgnoreList      refile:/etc/opendkim/TrustedHosts
InternalHosts           refile:/etc/opendkim/TrustedHosts
KeyTable                refile:/etc/opendkim/KeyTable
LogWhy                  Yes
Mode                    sv
PidFile                 /var/run/opendkim/
SignatureAlgorithm      rsa-sha256
SigningTable            refile:/etc/opendkim/SigningTable
Socket                  inet:8891@localhost
Syslog                  Yes
SyslogSuccess           Yes
TemporaryDirectory      /var/tmp
UMask                   022
UserID                  opendkim:opendkim

The /etc/opendkim/ folder doesn’t exist per default, I’ve created it and all its contents.

The KeyTable file looks like this:

The /etc/opendkim/keys/ file contains the actual key generated with dkim-genkey -s default -d Make sure this file is readable by the opendkim user!

Btw dkim-filter can safely be apt-get removed after you’re done generating the keys.

SigningTable has the following format:



In my /etc/postfix/ I’ve added the following:

smtpd_milters = inet:
milter_default_action = accept

And finally in /var/lib/bind/ IN TXT "v=DKIM1; g=*; k=rsa; p=blabla, key goes here"

That’s it, works, when I choose “Show Original” in gmail I see the DKIM section.

Related Posts

Tags: , , , , ,