• How to install OpenDKIM to sign outgoing emails on Postfix/CentOS 7?

    To install OpenDKIM for Postfix and sign outgoing emails on CentOS 7, follow these steps:

     

    • Install OpenDKIM:

    yum install opendkim opendkim-tools

    • Add the following lines to your '/etc/opendkim.conf' file:

    AutoRestart Yes

    AutoRestartRate 10/1h

    UMask 002

    Syslog yes

    SyslogSuccess Yes

    LogWhy Yes

     

    Canonicalization relaxed/simple

     

    ExternalIgnoreList refile:/etc/opendkim/TrustedHosts

    InternalHosts refile:/etc/opendkim/TrustedHosts

    KeyTable refile:/etc/opendkim/KeyTable

    SigningTable refile:/etc/opendkim/SigningTable

     

    Mode sv

    PidFile /var/run/opendkim/opendkim.pid

    SignatureAlgorithm rsa-sha256

     

    UserID opendkim:opendkim

     

    Socket inet:8891@localhost

     

    • Create the 'TrustedHosts', 'KeyTable', and 'SigningTable' files:

    touch /etc/opendkim/TrustedHosts

    touch /etc/opendkim/KeyTable

    touch /etc/opendkim/SigningTable

     

    • Add the following lines to your '/etc/opendkim/TrustedHosts' file:

    127.0.0.1

    localhost

    • Generate a key pair for your domain:

    opendkim-genkey -b 2048 -d example.com -D /etc/opendkim/keys/ -s mail -v

     

    This generates a private key (mail.private) and the matching public key (mail.txt, formatted as a DNS TXT record) in the /etc/opendkim/keys/ directory.

     

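    • Add the following line to your /etc/opendkim/KeyTable file, replacing example.com with your own domain and /etc/opendkim/keys/mail.private with the path to your private key file. The value has three colon-separated fields: the domain, the selector (mail, matching the -s option used above) and the key path:

    mail._domainkey.example.com example.com:mail:/etc/opendkim/keys/mail.private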

     

    • Add the following line to your /etc/opendkim/SigningTable file, replacing example.com with your own domain:

    *@example.com mail._domainkey.example.com

     

    • Update Postfix to use OpenDKIM:

    Add the following lines to your /etc/postfix/main.cf file:

     

    milter_default_action = accept

    milter_protocol = 2

    smtpd_milters = inet:localhost:8891

    non_smtpd_milters = inet:localhost:8891

     

    • Start the OpenDKIM service and set it to start automatically on boot:

    systemctl start opendkim

    systemctl enable opendkim

     

    • Restart Postfix:

    systemctl restart postfix
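
A lint for the KeyTable and SigningTable files created above, as an added example that is not part of the original guide. It checks that each KeyTable value has the three fields OpenDKIM expects (domain:selector:keypath), that key files are not accessible to group or other, and that every SigningTable entry names a key defined in KeyTable. The function name lint_opendkim and the sample files are constructed for illustration.

```shell
#!/bin/sh
# lint_opendkim KEYTABLE SIGNINGTABLE  (hypothetical helper, not an OpenDKIM tool)
# Prints one line per problem; returns 0 when clean, 1 otherwise.
lint_opendkim() {
    keytable=$1 signingtable=$2 rc=0

    # KeyTable line: <keyname> <domain>:<selector>:<path-to-private-key>
    while read -r name value _ || [ -n "$name" ]; do
        case $name in ''|'#'*) continue ;; esac
        IFS=: read -r domain selector keyfile extra <<EOF
$value
EOF
        if [ -z "$domain" ] || [ -z "$selector" ] || [ -z "$keyfile" ] || [ -n "$extra" ]; then
            echo "KeyTable: $name: expected domain:selector:keypath, got '$value'"; rc=1
        elif [ ! -f "$keyfile" ]; then
            echo "KeyTable: $name: key file $keyfile not found"; rc=1
        elif [ "$(ls -ld "$keyfile" | cut -c5-10)" != "------" ]; then
            # Characters 5-10 of the ls mode string are the group/other bits.
            echo "KeyTable: $name: $keyfile is accessible to group/other"; rc=1
        fi
    done < "$keytable"

    # SigningTable line: <address pattern> <keyname>; keyname must be in KeyTable.
    while read -r pattern keyname _ || [ -n "$pattern" ]; do
        case $pattern in ''|'#'*) continue ;; esac
        if ! awk -v k="$keyname" '$1 == k { f = 1 } END { exit !f }' "$keytable"; then
            echo "SigningTable: $pattern: key '$keyname' not defined in KeyTable"; rc=1
        fi
    done < "$signingtable"
    return $rc
}

# Constructed sample: a two-field KeyTable value (selector missing) beside a valid entry.
d=$(mktemp -d); (umask 077; : > "$d/mail.private")
printf '%s\n' "bad._domainkey.example.com example.com:$d/mail.private" \
              "mail._domainkey.example.com example.com:mail:$d/mail.private" > "$d/KeyTable"
printf '%s\n' '*@example.com mail._domainkey.example.com' > "$d/SigningTable"
lint_opendkim "$d/KeyTable" "$d/SigningTable" || echo "fix the entries above before starting opendkim"
rm -rf "$d"
```

On the server, run it as `lint_opendkim /etc/opendkim/KeyTable /etc/opendkim/SigningTable` before starting the service.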