Oct
3
How to setup Domain Keys (DKIM) using Debian and Postfix
DomainKeys is an e-mail authentication system designed to verify the DNS domain of an e-mail sender thereby allowing a person, or organization to claim some responsibility for the message and helps verify that your mail is legitimate. This will help your emails not get flagged as spam or fraud, especially if you are doing bulk emailing or important emails.
So first will will need to make sure our system is up to date:
apt-get update apt-get upgradeNext we will need to Install postfix and dkim-filter
apt-get install postfix dkim-filterWhen the configuration prompt ask, choose “Internet Site”. Now both postfix and dkim-filter are installed you will need to setup dkim-filter.
I’m going to use the domain of: meeping.org for this howto.
Run the following commands:
mkdir -p /etc/dkim/keys/meeping.org/ cd /etc/dkim/keys/meeping.org/ dkim-genkey -r -d meeping.orgNext make a file called: /etc/dkim-keys.conf and insert the following:
*@meeping.org:meeping.org:/etc/dkim/keys/meeping.org/default.private
Now you will need to configure postfix and dkim-filter to work together.
Edit /etc/dkim-filter.conf and add the following 2 lines at the bottom:
KeyList /etc/dkim-keys.confSocket inet:8891@localhost
Now restart the DKIM filter:
/etc/init.d/dkim-filter restart
Now edit your postfix config( /etc/postfix/main.cf ) and add the following lines:
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
and restart postfix ( postfix reload )
Next we will have to insert out Key into our DNS Server.
cat /etc/dkim/keys/meeping.org/default.txt
Witch will look like something like this: (The Stuff in Bold is what we want.)
default._domainkey IN TXT “v=DKIM1; g=*; k=rsa; p=MIGfMA0GCBiQKBgQC2/6Q+2eL4RL3lRi/WA0riuCk3WV+u” ; —– DKIM default for meeping.org
Now just add a TXT Record for the domain with:
Name: default.private._domainkey Value: v=DKIM1; g=*; k=rsa; p=MIGfMA0GCBiQKBgQC2/ynaGiLr0/6Q+2eL4RL3lRi/WA0riuCk3WV+uApply the Setting… and wait a bit for dns to work.
Next testing!
This website seems to work nicely for testing DKIM:
http://www.brandonchecketts.com/emailtest.php