opendkim

1. YEAR=$(date +'%Y')
2. DOMTLD=DOM.TLD
3. mkdir  /etc/opendkim/keys/$DOMTLD
4. cd /etc/opendkim/keys/$DOMTLD
5. opendkim-genkey -s $YEAR -d $DOMTLD
6. chown opendkim:opendkim *.private
7. /etc/opendkim.conf

cat /etc/opendkim/keys/$DOMTLD/$YEAR.txt

mail._domainkey    IN    TXT    ( "v=DKIM1; h=sha256; k=rsa; " "p=...

vim /etc/opendkim/SigningTable

*@DOM.TLD    ALIAS

vim /etc/opendkim/KeyTable

ALIAS    DOM.TLD:YEAR:/etc/opendkim/keys/DOM.TLD/YEAR.private

vim /etc/opendkim/TrustedHosts

127.0.0.1
localhost
10.0.3.0/24
bubuit.net
bubu
bubu.bubuit.net
drupal.bubuit.net
owncloud.bubuit.net
peertube.bubuit.net
jitsi.bubuit.net
lists.bubuit.net
80.109.46.32

/etc/postfix/main.cf

milter_default_action = tempfail
smtpd_milters = unix:/opendkim/opendkim.sock
non_smtpd_milters = unix:/opendkim/opendkim.sock

1. usermod -aG opendkim postfix
2. sc-restart opendkim postfix

Links

• https://wiki.debian.org/opendkim
  https://www.linode.com/docs/guides/configure-spf-and-dkim-in-postfix-on-debian-9/

checker

1. https://dmarcadvisor.com/de/dkim-check/
2. https://protodave.com/tools/dkim-key-checker/