vincent's Blog

Notes from a bored network handyman!!



install opendkim

wget http://mirror.pnl.gov/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm
yum install opendkim



vi /etc/opendkim.conf

Mode sv
Domain XYZ.com.tw
KeyFile /etc/opendkim/keys/XYZ.com.tw/mail.private
Selector mail
KeyTable /etc/opendkim/KeyTable
SigningTable /etc/opendkim/SigningTable
InternalHosts refile:/etc/opendkim/TrustedHosts



Create Key dir

mkdir -p /etc/postfix/XYZ.dkim.key
cd /etc/postfix/XYZ.dkim.key
opendkim-genkey -t -s mail -d XYZ.com.tw

mkdir -p /etc/opendkim/keys/XYZ.com.tw
cd /etc/opendkim/keys/XYZ.com.tw
cp /etc/postfix/XYZ.dkim.key/mail.private .
chmod 600 mail.private
chown -R opendkim:opendkim mail.private


Change postfix config
vi /etc/postfix/main.cf

# DKIM
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891

Change opendkim config


vi /etc/opendkim/KeyTable
mail._domainkey.XYZ.com.tw XYZ.com.tw:mail:/etc/opendkim/keys/XYZ.com.tw/mail.private

vi /etc/opendkim/SigningTable
XYZ.com.tw mail._domainkey.XYZ.com.tw

vi /etc/opendkim/TrustedHosts
127.0.0.1
#host.example.com
10.0.0.0/8


start service

chkconfig --level 345 opendkim on
service opendkim restart
service postfix restart



change DNS


for DKIM
mail._domainkey IN TXT "v=DKIM1; k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCjPgUdt4VZVNuo2AczhIfbqnbmTKNm3FN2k/oY7CW0YvE08tcoCEsBDc6HsqzbZqHb72RCU5SlheYiihwlqsHZFaY9DTsoj4/s2EttT8d34S3jCTVa72P81r079Yqcx88RSzL7mMJRpmPuJdM5scq0glFWakyNNYkuP51ahG8KlwIDAQAB"

for DMARC
_dmarc.XYZ.com.tw. IN TXT "v=DMARC1; p=none; rua=mailto:vincentyu@XYZ.com.tw; adkim=r; aspf=r; pct=0"
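
To check what the two TXT records above actually publish, here is an added example (not part of the original post) that parses them and lists the settings that keep DKIM and DMARC in a non-enforcing state. The function names are hypothetical, the 2048-bit threshold is an assumption based on the RFC 8301 recommendation, and p= is assumed to hold a SubjectPublicKeyInfo blob.

```python
import base64

# Records copied from this page; XYZ.com.tw is the page's placeholder domain.
DKIM_TXT = "v=DKIM1; k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCjPgUdt4VZVNuo2AczhIfbqnbmTKNm3FN2k/oY7CW0YvE08tcoCEsBDc6HsqzbZqHb72RCU5SlheYiihwlqsHZFaY9DTsoj4/s2EttT8d34S3jCTVa72P81r079Yqcx88RSzL7mMJRpmPuJdM5scq0glFWakyNNYkuP51ahG8KlwIDAQAB"
DMARC_TXT = "v=DMARC1; p=none; rua=mailto:vincentyu@XYZ.com.tw; adkim=r; aspf=r; pct=0"

def parse_tags(txt):
    """Split a 'tag=value; tag=value' TXT string into a dict."""
    pairs = (part.split("=", 1) for part in txt.split(";") if "=" in part)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def tlv(buf, pos):
    """Read one DER element at pos; return (value_start, value_end)."""
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return pos, pos + length

def rsa_bits(p_b64):
    """RSA modulus size in bits; assumes p= is a SubjectPublicKeyInfo blob."""
    der = base64.b64decode("".join(p_b64.split()))
    spki, _ = tlv(der, 0)                  # outer SEQUENCE
    _, alg_end = tlv(der, spki)            # AlgorithmIdentifier (skipped)
    bits, _ = tlv(der, alg_end)            # BIT STRING
    rsa, _ = tlv(der, bits + 1)            # +1 skips the unused-bits byte
    start, end = tlv(der, rsa)             # INTEGER: the modulus
    return int.from_bytes(der[start:end], "big").bit_length()

def audit_dkim(txt, min_bits=2048):        # threshold is an assumption (RFC 8301)
    tags, findings = parse_tags(txt), []
    if "y" in tags.get("t", "").split(":"):
        findings.append("t=y: domain is flagged as still testing DKIM")
    if not tags.get("p"):
        findings.append("empty p=: key is revoked")
    elif rsa_bits(tags["p"]) < min_bits:
        findings.append(f"{rsa_bits(tags['p'])}-bit RSA key, below {min_bits}")
    return findings

def audit_dmarc(txt):
    tags, findings = parse_tags(txt), []
    if tags.get("p") == "none":
        findings.append("p=none: failures are reported but not quarantined or rejected")
    if tags.get("pct") == "0":
        findings.append("pct=0: policy applies to 0% of messages")
    return findings

if __name__ == "__main__":
    for line in audit_dkim(DKIM_TXT) + audit_dmarc(DMARC_TXT):
        print("WARN", line)
```

The t=y finding comes from the -t flag passed to opendkim-genkey earlier on this page.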



!!WARNING!!

[root@smtp4 keys]# service opendkim start
Generating default DKIM keys: [WARNING]
Cannot determine host's domain name, so skipping default key generation.
Starting OpenDKIM Milter: [ OK ]

solution:
cd /etc/opendkim/keys/
ln -s ./XYZ.com.tw/mail.private default.private


Mail test
http://www.mail-tester.com/


