https://kn007.net/topics/postfix-advanced-to-use-the-new-dkim-signature-opendkim/
Although OpenDKIM's predecessor, dkim-milter, can still be used, and there are no performance issues, or other issues, there are always people who like the new and hate the old. (For details on how to configure dkim-milter, see " [Postfix Advanced] Add DKIM Signature to CentOS Mail System ")
Note: This article is not suitable for Ubuntu and Debian, some changes are required. These two systems are relatively sloppy, and it is necessary to modify /etc/default/opendkim.
Let's talk about it today, the configuration method of OpenDKIM (still using CentOS as an example) is actually very simple, please continue to read.
My system is CentOS 6.6 X64. Considering that it can be upgraded in the future, we use yum to install it.
I wrote an automatic installation script for Shell. (Note: make sure your hostname is your domain name)
#!/bin/bash #Made By kn007 #Add EPEL Community Project rpm --import http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6 rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm #Fix EPEL Setup Error sed -i 's:#baseurl:baseurl:g' /etc/yum.repos.d/epel.repo sed -i 's:mirrorlist:#mirrorlist:g' /etc/yum.repos.d/epel.repo #Install Postfix DKIM Signature yum -y install opendkim cat > /etc/opendkim.conf<<EOF UserID opendkim:opendkim UMask 022 Mode sv PidFile /var/run/opendkim/opendkim.pid Canonicalization relaxed/relaxed TemporaryDirectory /var/tmp ExternalIgnoreList refile:/etc/opendkim/TrustedHosts InternalHosts refile:/etc/opendkim/TrustedHosts KeyTable refile:/etc/opendkim/KeyTable SigningTable refile:/etc/opendkim/SigningTable MinimumKeyBits 1024 Socket inet:8891 LogWhy Yes Syslog Yes SyslogSuccess Yes EOF mkdir -p /etc/opendkim/keys/`hostname -f` opendkim-genkey -D /etc/opendkim/keys/`hostname -f`/ -d `hostname -f` -s default chown opendkim:opendkim -R /etc/opendkim/ chmod -R 700 /etc/opendkim echo "default._domainkey.`hostname -f` `hostname -f`:default:/etc/opendkim/keys/`hostname -f`/default.private" >> /etc/opendkim/KeyTable echo "*@`hostname -f` default._domainkey.`hostname -f`" >> /etc/opendkim/SigningTable echo "localhost" >> /etc/opendkim/TrustedHosts echo "`hostname -f`" >> /etc/opendkim/TrustedHosts cat >> /etc/postfix/main.cf<<EOF #DKIM milter_default_action = accept milter_protocol = 2 smtpd_milters = inet:8891 non_smtpd_milters = inet:8891 EOF service opendkim start service postfix restart cp /etc/opendkim/keys/`hostname -f`/default.txt /root/`hostname -f`-dkim-signature_default.txt echo "open '/root/`hostname -f`-dkim-signature_default.txt', then add the TXT record to you DNS resolution system."
That's it, that's it. The process is very simple.
Finally, you need to open XXX-dkim-signature_default.txt under /root and add it to the DNS domain name resolver, as shown below.