Install and integrate DKIM with OpenDKIM and Postfix on a CentOS

Install and integrate DKIM with OpenDKIM and Postfix on a CentOS

Written by:

In this article we are going to see  the steps of installing and configuring dkim with OpenDKIM  on a CentOS 7. I am showing some easy steps with pictures as well video tutorial tutorial to install and configure OpenDKIM. Lets learn something about OpenDKIM

What is OpenDKIM ?

OpenDKIM is an open source implementation of the DKIM (Domain Keys Identified Mail) sender authentication system which is an email validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain is authorized by that domain’s administrators. A digital signature included with the message can be validated by the recipient using the signer’s public key published in the DNS.

Steps to Install OpenDKIM

1. Update system and install required packages

# sudo yum update -y

# yum install curl wget vim openssl man

 

2. Enable EPEL Repository

OpenDKIM is available in EPEL ( Extra Packages for Enterprise Linux ) Repository. EPEL Repository can enable with this command

# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

We can check this repository is enabled in system by the following command

# yum repolist

 

3. Once you came to know EPEL Repository is enabled go ahead and install OpenDKIM

# yum install opendkim

 

4. Rename its default config file in etc/opendkim/ and proceed with adding new OpenDKIM Config file in the same directory with

# mv /etc/opendkim.conf{,.default}

# vi /etc/opendkim.conf

 

5. Adding below configuration in new opendkim.conf

AutoRestart Yes
AutoRestartRate 10/1h
LogWhy Yes
Syslog Yes
SyslogSuccess Yes
Mode sv
Canonicalization relaxed/simple
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
KeyTable refile:/etc/opendkim/KeyTable
SigningTable refile:/etc/opendkim/SigningTable
SignatureAlgorithm rsa-sha256
Socket inet:8891@localhost
PidFile /var/run/opendkim/opendkim.pid
UMask 022
UserID opendkim:opendkim
TemporaryDirectory /var/tmp

Configure Public / Private Keys

1. Generate keys for your Domain by the following commands

# mkdir /etc/opendkim/keys/testmail.in

# opendkim-genkey -D /etc/opendkim/keys/testmail.in/ -d testmail.in -s default

# chown -R opendkim: /etc/opendkim/keys/testmail.in

# mv /etc/opendkim/keys/testmail.in/default.private /etc/opendkim/keys/testmail.in/default

 

2. Once the key is generated successfully, add your domain in the following records

Edit  /etc/opendkim/KeyTable and add your domain name

default._domainkey.testmail.in testmail.in:default:/etc/opendkim/keys/testmail.in/default

 

3. next, edit /etc/opendkim/SigningTable and add the following record to OpenDKIM’s signing table

*@testmail.in default._domainkey.testmail.in

 

4. also add your domain and your hostname as trusted hosts in /etc/opendkim/TrustedHosts

127.0.0.1
testmail.in
mta.testmail.in

 

5. Start OpenDKIM and Enable the service on boot

# sudo systemctl start opendkim.service

# sudo systemctl enable opendkim.service

 

6. finally, edit your testmail.in DNS zone and add the TXT record from /etc/opendkim/keys/testmail.in/default.txt also

 

 

7. You should add an SPF record if you haven’t already

testmail.in. 14400 IN TXT “v=spf1 a mx ~all

 

8. Verify your dkim TXT record is valid using dig for example

# dig +short default._domainkey.mydomain.com TXT

Configure Postfix

1. To integrate OpenDKIM with Postfix we need to add the following few lines in /etc/postfix/main.cf

smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = $smtpd_milters
milter_default_action = accept
milter_protocol = 2

 

2. Finally, Restart Services

Add OpenDKIM to your system’s start-up and start opendkim and restart postfix using the following commands:

# systemctl restart opendkim.service

# systemctl restart postfix.service

Test The Setup

To test the set-up simply send an email to [email protected] and you should receive back an email containing something like this:

==========================================================
Summary of Results
==========================================================
SPF check: pass
DomainKeys check: neutral
DKIM check: pass
DKIM check: pass

Video Tutorial

47 responses to “Install and integrate DKIM with OpenDKIM and Postfix on a CentOS”

  1. sikis izle Avatar
    sikis izle

    Helpful info. Lucky me I discovered your website accidentally, and I am surprised why this twist of fate did not took place earlier! I bookmarked it. Sibylle Jud Adamec

    1. TechsBucket Avatar
      TechsBucket

      Thank You So Much..

  2. erotik Avatar
    erotik

    Very good blog. Really looking forward to read more. Keep writing. Jermaine Brendan Cody

    1. TechsBucket Avatar
      TechsBucket

      Thank You Jermaine..

  3. sikis Avatar
    sikis

    As soon as I found this web site I went on reddit to share some of the love with them. Ingaberg Giles Dubenko

    1. TechsBucket Avatar
      TechsBucket

      My Pleasure.. ?

  4. sikis Avatar
    sikis

    If you want to take much from this piece of writing then you have to apply such techniques to your won web site. Jean Georg Girand

  5. bahis Avatar
    bahis

    Enjoyed every bit of your article. Much thanks again. Much obliged. Andriette Kenyon Rudolf

  6. erotik Avatar
    erotik

    You made some nice points there. I did a search on the issue and found most individuals will consent with your blog. Karlie Rem Barden

  7. bahis Avatar
    bahis

    Looks good. Thank you Bryan and Silas for getting this up and running. Phylis John Casper

  8. erotik Avatar
    erotik

    I enjoyed reading this. Great read. Your article has proven useful to me. Nice read. Agretha Saw Angelina

  9. sikis Avatar
    sikis

    I really like and appreciate your blog article. Really thank you! Want more. Celeste Claiborn Gies

  10. erotik Avatar
    erotik

    Your way of telling all in this paragraph is truly nice, every one be able to simply be aware of it, Thanks a lot. Mary Kerr Mab

  11. erotik Avatar
    erotik

    Wonderful post! We are linking to this great content on our website. Keep up the good writing. Catriona Baldwin Brenda

  12. bahis Avatar
    bahis

    Sed fringilla mauris sit amet nibh. Donec sodales sagittis magna. Miguela Enrique Bullen

    1. TechsBucket Avatar
      TechsBucket

      Thank You all for your positive comments 🙂 Many more to come on my blog 🙂 Keep visiting and thank you again 🙂 subscribe my youtube channel 🙂

  13. sikis Avatar
    sikis

    Great article! We will be linking to this great content on our site. Keep up the great writing. Emelyne Shelby Julianne

  14. sikis Avatar
    sikis

    Terrific article. I am just expecting a lot more. You happen to be this kind of good creator. Carissa Ricky Burnight

    1. TechsBucket Avatar
      TechsBucket

      Thank You all for your positive comments 🙂 Many more to come on my blog 🙂 Keep visiting and thank you again 🙂 subscribe my youtube channel 🙂

  15. erotik Avatar
    erotik

    There is visibly a lot to identify about this. I believe you made various nice points in features also. Glenna Langsdon Herrle

  16. erotik Avatar
    erotik

    Stuk voor stuk professioneel en eerlijk in de onderhandelingen met ons. Gwendolyn Samuel Orelu

    1. TechsBucket Avatar
      TechsBucket

      Thank You all for your positive comments 🙂 Many more to come on my blog 🙂 Keep visiting and thank you again 🙂 subscribe my youtube channel 🙂

  17. web-dl Avatar
    web-dl

    This is one awesome blog. Really looking forward to read more. Cool. Maye Mark Royal

    1. TechsBucket Avatar
      TechsBucket

      Thank You all for your positive comments 🙂 Many more to come on my blog 🙂 Keep visiting and thank you again 🙂 subscribe my youtube channel 🙂

  18. ucretsiz Avatar
    ucretsiz

    Hey there! This is kind of off topic but I need some advice from an established blog. Lilith Gallard Nicoli

    1. TechsBucket Avatar
      TechsBucket

      Thank You all for your positive comments 🙂 Many more to come on my blog 🙂 Keep visiting and thank you again 🙂 subscribe my youtube channel 🙂

  19. web-dl Avatar
    web-dl

    This piece of writing will help the internet visitors for building up new website or even a weblog from start to end. Martina Mano Riccardo

  20. bedava Avatar
    bedava

    When some one searches for his vital thing, so he/she desires to be available that in detail, so that thing is maintained over here. Amara Wilburt Anatole

  21. download Avatar
    download

    There is noticeably a package to know about this. I presume you made sure nice points in functions also. Vanessa Sammie Garth

  22. download Avatar
    download

    Astonishingly individual friendly website. Huge info offered on few clicks on. Anselma Bartholomeo Noonberg

  23. web-dl Avatar
    web-dl

    Hey There. I discovered your blog using msn. This is a very smartly written article. Heather Fabio Mojgan

  24. web-dl Avatar
    web-dl

    Very couple of web sites that transpire to become detailed beneath, from our point of view are undoubtedly properly worth checking out. Waneta Korey Kienan

  25. torrent Avatar
    torrent

    This is my first time visit at here and i am really impressed to read everthing at alone place. Mariel Wallis Negris

    1. TechsBucket Avatar
      TechsBucket

      thank you Mariel..

  26. yify Avatar
    yify

    I quite like looking through a post that will make people think. Also, thanks for allowing me to comment. Ethelyn Raphael Stefanac

  27. torrent Avatar
    torrent

    I value the article post. Really thank you! Awesome. Alejandra Falito Melodee

    1. TechsBucket Avatar
      TechsBucket

      ?

  28. cheap flights Avatar
    cheap flights

    I visited multiple websites except the audio feature for audio
    songs existing at this site is actually marvelous.

  29. cheap flights Avatar
    cheap flights

    Simply desire to say your article is as astounding. The clarity for your post is just great and that i
    can think you are knowledgeable in this subject. Well with your permission allow
    me to grab your RSS feed to keep updated with approaching post.
    Thank you 1,000,000 and please keep up the gratifying work.

    1. TechsBucket Avatar
      TechsBucket

      Thanks.. 🙂 Many more to come..delays due to work from home..

    2. TechsBucket Avatar
      TechsBucket

      yes grab it…

  30. cheap flights Avatar
    cheap flights

    This information is invaluable. How can I find out
    more?

  31. Jai Prakash Sharma Avatar
    Jai Prakash Sharma

    Hello,

    I followed the complete steps but I’m not able to get my emails DKIM signed..here is the result –

    Thank you for using the verifier,

    The Port25 Solutions, Inc. team

    ==========================================================
    Summary of Results
    ==========================================================
    SPF check: pass
    “iprev” check: pass
    DKIM check: none

    1. TechsBucket Avatar
      TechsBucket

      you can check it online with DNS lookup for SPF/DKIM for your domain.

  32. How to stop Email Spoofing – TechsBucket

    […] Also Read: Install and integrate DKIM with OpenDKIM […]

  33. Charles Avatar
    Charles

    Thanks this hellped me a lot!!!

    1. TechsBucket Avatar
      TechsBucket

      do not forget to share.

Leave a Reply to TechsBucket Cancel reply

Your email address will not be published. Required fields are marked *