MikeL's FreeBSD howto - dkim

[20240313]
Ok this one took a while to figure out...
I have quite a few virtual domains that I host. I do not want to have to remember to update the Domain list manually any time I bring in a new domain. The answer is simple, it just took a while to figure out.
Domain refile:[path to file]
(Don't ask me where the magic incantation 'refile:' came from, I found it on a Google search from some random guy's config.)
The file contains a simple list of all your domains, one per line. Hopefully this will be compatible with the local-host-names file in the sendmail config. I've created a script to build this file from my namedb.conf file, but it doesn't know about subdomains yet, so I've got more work to do. BTW it appears to handle '#' comments.
https://dkimvalidator.com/ for testing.
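
One way to generate the domain list file described above from a BIND named.conf, as an added example (this is not the author's script). The function names, sample zone names and paths are hypothetical, and it assumes each zone name is quoted on its "zone" line; /* */ comments are not handled.

```shell
#!/bin/sh
# Added example, not the author's script: build the one-domain-per-line file
# for "Domain refile:[path to file]" from the zone statements in named.conf.

# extract_zones FILE: print forward zone names, lowercased, sorted, unique.
extract_zones() {
    sed -e 's/#.*//' -e 's|//.*||' "$1" |      # drop '#' and '//' comments
    awk '$1 == "zone" {
            name = tolower($2)
            gsub(/[";{]/, "", name)            # strip quotes and punctuation
            sub(/\.$/, "", name)               # strip a trailing root dot
            if (name == "" || name == "localhost") next   # root hints, localhost
            if (name ~ /\.arpa$/) next         # reverse-lookup zones
            print name
        }' | sort -u
}

# build_domain_list NAMED_CONF OUTFILE [HOSTNAME...]
# Extra hostnames (such as this system's own hostname) are merged in.
build_domain_list() {
    conf=$1 out=$2
    shift 2
    tmp=$(mktemp "$out.XXXXXX") || return 1
    {
        echo "# generated from $conf, do not edit by hand"
        { extract_zones "$conf"; for h in "$@"; do echo "$h"; done; } |
            tr 'A-Z' 'a-z' | sort -u
    } > "$tmp"
    # Never replace a good list with an empty one (unreadable or changed
    # named.conf): that would leave no domain to sign for.
    if ! grep -v '^#' "$tmp" | grep -q .; then
        rm -f "$tmp"
        return 1
    fi
    chmod 644 "$tmp" && mv "$tmp" "$out"   # rename: readers never see a partial file
}

# write_sample_conf FILE: constructed sample input for trying the functions.
write_sample_conf() {
    cat > "$1" <<'EOF'
zone "." { type hint; file "named.root"; };
zone "Example.COM" { type master; file "master/example.com"; };
# zone "retired.example" { type master; };
zone "example.org." IN { type master; file "master/example.org"; };
zone "2.0.192.in-addr.arpa" { type master; file "master/192.0.2"; };
EOF
}
```

Call it as build_domain_list [path to named.conf] [path to file] [this system's hostname], then restart milter-opendkim so the new list is read.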

pkg install opendkim

/usr/local/etc/mail/opendkim.conf, changes to:
Domain [your domain name] - this must be a comma-separated list of ALL the domains you serve which should have DKIM attached. Note that you'll need to include this system's hostname, not just the domain name.
Socket local:/var/run/dkim/dkim-milter.sock
KeyFile /var/db/dkim/dkim-private-key
Selector email (using an external tester in 'auto' mode, it found this)

cd /etc
Edit group, add line:
dkim:*:4231:

Edit rc.conf, add:
milteropendkim_enable="YES"

cd /etc/mail
Edit your [systemname].mc
Add line:
INPUT_MAIL_FILTER(`dkim-filter', `S=local:/var/run/dkim/dkim-milter.sock, F=T, T=R:2m')
Add or change line to include dkim:
define(`confINPUT_MAIL_FILTERS', `spamassassin,dkim-filter')
make [systemname]
diff -cw sendmail.cf [systemname].cf
In my case, manually edit [systemname].cf and hack in near "dontblamesendmail":
O UseBlacklist=True
cp [systemname].cf sendmail.cf

cd /var/run
mkdir dkim
chown mailnull dkim
chgrp mailnull dkim
chmod 750 dkim

cd /var/db
mkdir dkim
chown mailnull dkim
chgrp mailnull dkim
Bring in your private key to this dkim dir, named for this example dkim-private-key
cd dkim
chgrp mailnull dkim-private-key
chmod 640 dkim-private-key
service milter-opendkim [start|status|stop]

Errors on startup in:
/var/log/messages
/var/log/maillog

Copyright © 1995-2024 Mike Lempriere (running on host bayanus)