Web Hosting

How to Install dkim on centos 7

Leave a comment
  1. Enable EPL repository.

In centOs 7

wget http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
 sudo rpm -Uvh epel-release-7*.rpm

 

In Cent os 6

wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
            rpm -Uvh epel-release-6*.rpm

  1. Install opendkim

yum install opendkim

 

mkdir /etc/opendkim/keys/$domain

/usr/sbin/opendkim-genkey -D /etc/opendkim/keys/$domain/ -d $domain -s $selector

chown -R root:opendkim /etc/opendkim/keys/$domain

chmod 640 /etc/opendkim/keys/$domain/$selector.private

chmod 644 /etc/opendkim/keys/$domain/$selector.txt

 

/etc/opendkim.conf

## CONFIGURATION OPTIONS

# Specifies the path to the process ID file.
PidFile /var/run/opendkim/opendkim.pid

# Selects operating modes. Valid modes are s (signer) and v (verifier). Default is v.
Mode    sv

# Log activity to the system log.
Syslog  yes

# Log additional entries indicating successful signing or verification of messages.
SyslogSuccess yes

# If logging is enabled, include detailed logging about why or why not a message was
# signed or verified. This causes a large increase in the amount of log data generated
# for each message, so it should be limited to debugging use only.
#LogWhy yes

# Attempt to become the specified user before starting operations.
UserID  opendkim:opendkim

# Create a socket through which your MTA can communicate.
Socket  inet:[email protected]

# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
Umask   002

# This specifies a file in which to store DKIM transaction statistics.
#Statistics              /var/spool/opendkim/stats.dat
## SIGNING OPTIONS
# Selects the canonicalization method(s) to be used when signing messages.
Canonicalization        relaxed/simple
# Domain(s) whose mail should be signed by this filter. Mail from other domains will
# be verified rather than being signed. Uncomment and use your domain name.
# This parameter is not required if a SigningTable is in use.
Domain                  example.com
# Defines the name of the selector to be used when signing messages.
Selector                default
# Gives the location of a private key to be used for signing ALL messages.
#KeyFile                 /etc/opendkim/keys/default.private
# Gives the location of a file mapping key names to signing keys. In simple terms,
# this tells OpenDKIM where to find your keys. If present overrides any KeyFile
# setting in the configuration file.
KeyTable                 refile:/etc/opendkim/KeyTable
# Defines a table used to select one or more signatures to apply to a message based
# on the address found in the From header field. In simple terms, this tells
# OpenDKIM how to use your keys.
SigningTable                 refile:/etc/opendkim/SigningTable
# Identifies a set of “external” hosts that may send mail through the server as one
# of the signing domains without credentials as such.
ExternalIgnoreList      refile:/etc/opendkim/TrustedHosts
# Identifies a set internal host whose mail should be signed rather than verified.
InternalHosts           refile:/etc/opendkim/TrustedHosts

/etc/opendkim/KeyTable

default._domainkey.example.com example.com:default:/etc/opendkim/keys/example.com/default.private

/etc/opendkim/SigningTable

*@example.com default._domainkey.example.com

/etc/opendkim/TrustedHosts

127.0.0.1
hostname1.example1.com
hostname2.example1.com
example1.com
hostname1.example2.com
hostname2.example2.com
example2.com

Leave a Reply

Your email address will not be published. Required fields are marked *