opendkim

1. ai opendkim opendkim-tools
2. mkdir /var/spool/postfix/opendkim/
3. chown opendkim /var/spool/postfix/opendkim
4. usermod -aG opendkim postfix
5. YEAR=$(date +'%Y')
6. DOMTLD=DOM.TLD
7. mkdir -p /etc/opendkim/keys/$DOMTLD
8. cd /etc/opendkim/keys/$DOMTLD
9. opendkim-genkey -s $YEAR -d $DOMTLD
10. chown opendkim:opendkim *.private
11. vim /etc/opendkim.conf

vim /etc/default/opendkim

RUNDIR=/var/spool/postfix/run/opendkim
#RUNDIR=/run/opendkim

cat /etc/opendkim/keys/$DOMTLD/$YEAR.txt

mail._domainkey    IN    TXT    ( "v=DKIM1; h=sha256; k=rsa; " "p=...

vim /etc/opendkim/SigningTable

*@DOM.TLD    ALIAS

vim /etc/opendkim/KeyTable

ALIAS    DOM.TLD:YEAR:/etc/opendkim/keys/DOM.TLD/YEAR.private

vim /etc/opendkim/TrustedHosts

127.0.0.1
localhost
10.0.3.0/24
bubuit.net
bubu
bubu.bubuit.net
drupal.bubuit.net
owncloud.bubuit.net
peertube.bubuit.net
jitsi.bubuit.net
lists.bubuit.net
80.109.46.32

vim /etc/postfix/main.cf

milter_default_action = tempfail
smtpd_milters = unix:/opendkim/opendkim.sock
non_smtpd_milters = unix:/opendkim/opendkim.sock

1. sc-restart opendkim postfix
2. sc-status opendkim.service
3. Script opendkim.sh

Links

• https://wiki.debian.org/opendkim
  https://www.linode.com/docs/guides/configure-spf-and-dkim-in-postfix-on-debian-9/

checker

1. https://dmarcadvisor.com/de/dkim-check/
2. https://www.mail-tester.com/