![thumbnail image](https://user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_630,w_1200,f_auto,q_auto/1686447/13994_819675.jpeg)
![broken image](http://custom-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_300,w_300,f_auto,q_100/1686447/778310_627000.png)
How to install Open DKIM to sign outgoing emails on Postfix/Centos 7 ?
To install Open DKIM on Postfix and sign outgoing emails on CentOS 7, follow these steps:
- Install Open DKIM:
yum install opendkim opendkim-tools
- Add the following lines to your '/etc/opendkim.conf' file:
AutoRestart Yes
AutoRestartRate 10/1h
UMask 002
Syslog yes
SyslogSuccess Yes
LogWhy Yes
Canonicalization relaxed/simple
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
KeyTable refile:/etc/opendkim/KeyTable
SigningTable refile:/etc/opendkim/SigningTable
Mode sv
PidFile /var/run/opendkim/opendkim.pid
SignatureAlgorithm rsa-sha256
UserID opendkim:opendkim
Socket inet:8891@localhost
- Create the 'TrustedHosts', 'KeyTable', and 'SigningTable' files:
touch /etc/opendkim/TrustedHosts
touch /etc/opendkim/KeyTable
touch /etc/opendkim/SigningTable
- Add the following line to your '/etc/opendkim/TrustedHosts' file:
127.0.0.1
localhost
- Generate a key pair for your domain:
opendkim-genkey -b 2048 -d example.com -D /etc/opendkim/keys/ -s mail -v
This will generate a private key (mail.private) and a public key (mail.txt) in the /etc/opendkim/keys/ directory.
- Add the following line to your /etc/opendkim/KeyTable file, replacing example.com with your own domain and /etc/opendkim/keys/mail.private with the path to your private key file:
mail._domainkey.example.com example.com:/etc/opendkim/keys/mail.private
- Add the following line to your /etc/opendkim/SigningTable file, replacing example.com with your own domain:
*@example.com mail._domainkey.example.com
- Update Postfix to use Open DKIM:
Add the following lines to your /etc/postfix/main.cf file:
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
- Start the Open DKIM service and set it to start automatically on boot:
systemctl start opendkim
systemctl enable opendkim
- Restart Postfix:
system
![DMARC.fr complies with GDPR regulations to protect users' personal data, ensuring that information is processed securely and confidentially. This helps to prevent unauthorized access and misuse of user data. DMARC.fr complies with GDPR regulations to protect users' personal data, ensuring that information is processed securely and confidentially. This helps to prevent unauthorized access and misuse of user data.](http://custom-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_300,w_300,f_auto,q_auto/1686447/323010_817741.png)
.
© 2017 - 2024 DMARC.FR