Operations grimoire/Mail/DKIM

From Nasqueron Agora
Revision as of 21:33, 24 October 2024 by Dereckson (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Mails are signed with OpenDKIM, an open-source implementation for DKIM.

Add a domain

To create a key with unium as DKIM selector for <domain.tld>:

$ add-dkim-domain domain.tld

To create a key with another selector:

$ add-dkim-domain domain.tld <selector>

Test

Send a mail from to another mail server.

You should see a DKIM pass.

You can also from a mailbox for this domain send a mail to check-auth@verifier.port25.com

Troubleshooting

Can't load key from … Permission denied

Keys must be readeable to opendkim user.

$ chown opendkim /usr/local/etc/opendkim/keys/*/*.private

DKIM must succeed: as long as this isn't fixed, Postfix won't send mail for this domain.