yum update yum install opendkim
如果沒有安裝到 opendkim 要 裝 epel-release-6-8.noarch.rpm 再update & install
## wget -P /tmp http://mirror.pnl.gov/epel/6/i386/epel-release-6-8.noarch.rpm ## rpm -Uvh /tmp/epel-release-6-8.noarch.rpm ## rm -f /tmp/epel-release-6-8.noarch.rp
設定 opendkim.conf
## mv /etc/opendkim.conf /etc/opendkim.conf.orig ## vi /etc/opendkim.conf
AutoRestart Yes AutoRestartRate 10/1h LogWhy Yes Syslog Yes SyslogSuccess Yes Mode sv Canonicalization relaxed/simple ExternalIgnoreList refile:/etc/opendkim/TrustedHosts InternalHosts refile:/etc/opendkim/TrustedHosts KeyTable refile:/etc/opendkim/KeyTable SigningTable refile:/etc/opendkim/SigningTable SignatureAlgorithm rsa-sha256 Socket inet:8891@localhost PidFile /var/run/opendkim/opendkim.pid UMask 022 UserID opendkim:opendkim TemporaryDirectory /var/tmp
設定 public & private key (例如你的 dmian 是 mydomain.com
## mkdir /etc/opendkim/keys/mydomain.com ## opendkim-genkey -D /etc/opendkim/keys/mydomain.com/ -d mydomain.com -s default ## chown -R opendkim: /etc/opendkim/keys/mydomain.com ## mv /etc/opendkim/keys/mydomain.com/default.private /etc/opendkim/keys/mydomain.com/default
加 mydomain.com 到 /etc/opendkim/KeyTable
default._domainkey.mydomain.com mydomain.com:default:/etc/opendkim/keys/mydomain.com/default
改 /etc/opendkim/SigningTable
*@mydomain.com default._domainkey.mydomain.com
加你的 domain 與 hostname加到 /etc/opendkim/TrustedHosts:
127.0.0.1 mydomain.com host.mydomain.com
加 DNS 的 TXT 資訊 ....看機器內的 /etc/opendkim/keys/mydomain.com/default.txt
default._domainkey IN TXT ( "v=DKIM1; k=rsa; "
"p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDApHRr7ZmXRaAB+RQRbP4VdMwIrIHIP18KFtXRsv/xpWc0Gix6ZXN13fcG03KNGKZo2PY+csPkGC5quDnH5V0JEhDZ78KcDWFsU6u4fr9ktVAdt6P7jWXjcyqdHOZ8+YN4cAeU4lRFNgQvdupIcByYwzPYMgBFHfJm9014HvRqhwIDAQAB" ) ; ----- DKIM key default for mydomain.com
DNS 也要加 SPF 資訊
mydomain.com. 14400 IN TXT "v=spf1 a mx ~all"
等DNS 生效查看 DNS 資訊
## dig +short default._domainkey.mydomain.com TXT "v=DKIM1\; k=rsa\; " "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDApHRr7ZmXRaAB+RQRbP4VdMwIrIHIP18KFtXRsv/xpWc0Gix6ZXN13fcG03KNGKZo2PY+csPkGC5quDnH5V0JEhDZ78KcDWFsU6u4fr9ktVAdt6P7jWXjcyqdHOZ8+YN4cAeU4lRFNgQvdupIcByYwzPYMgBFHfJm9014HvRqhwIDAQAB"
檢查 key (http://dkimcore.org/tools/keycheck.html)
要填入
Selector :default
Domain name: mydomain.com
例如 google 的 出現
postfix 的 main.cf 內要加 OpenDKIM 資訊
smtpd_milters = inet:127.0.0.1:8891 non_smtpd_milters = $smtpd_milters milter_default_action = accept milter_protocol = 2
要重啟opendkim & postfix
## service opendkim start ## chkconfig opendkim on ## service postfix restart
寄信到 check-auth@verifier.port25.com 收到回信
========================================================== Summary of Results ============================== ============================ SPF check: pass DomainKeys check: neutral DKIM check: pass SpamAssassin check: ham ============================== ============================ Details: ============================== ============================ HELO hostname: mydomain.com Source IP: XXX.XXX.XXX.XXX mail-from: test@mydomain.com
文章標籤
全站熱搜
雜七雜八 (1)