Operations grimoire/Mail/DKIM

From Nasqueron Agora

Add a domain

To create a key with unium as DKIM selector for <domain.tld>:

$ mkdir /etc/opendkim/keys/domain.tld
$ cd /etc/opendkim/keys/domain.tld
$ opendkim-genkey -s unium -b 2048 -d domain.tld
$ chown opendkim unium.private
$ cd /etc/opendkim
$ make clean all

Test

Send a mail from to another mail server.

You should see a DKIM pass.

You can also from a mailbox for this domain send a mail to check-auth@verifier.port25.com

Troubleshooting

Can't load key from … Permission denied

Keys must belong to opendkim user.

$ chown opendkim /etc/opendkim/keys/*/*.private

DKIM must succeed: as long as this isn't fixed, Postfix won't send mail for this domain.