From Gentoo Wiki
Jump to:navigation Jump to:search
Before creating a discussion or leaving a comment, please read about using talk pages. In particular, sign comments using ~~~~ and add new discussions at the bottom of the page. New discussions should be made visible with {{Talk|date = 2024-05-20}}.
== Discussion title ==

{{Talk|date = 2024-05-13}}

A comment [[User:Larry|Larry]] 13:52, 13 May 2024 (UTC)
: A reply [[User:Sally|Sally]] 11:29, 14 May 2024 (UTC)
:: Another reply [[User:Larry|Larry]] 04:24, 20 May 2024 (UTC)
:: Your reply ~~~~

Navigate to first:

Different way

Talk status
This discussion is still ongoing.

I couldn't get it to work with these directions, but had to do it a different way.

My installation uses a UNIX socket instead of an Internet socket, as recommended by other installation guides online, for cleaner installation and better security.

However, Postfix couldn't talk to OpenDKIM unless OpenDKIM was installed under the username of "postfix", probably not the best idea. I looked around, but couldn't find a workaround for this. Any suggestions?

Make directory, or fix permissions if it had already been made:

mkdir -m 0755 -p /var/run/opendkim
chown postfix:postfix -R /var/run/opendkim

Create /etc/opendkim/opendkim.conf file:

Mode     s
Selector mydkim
UserID   postfix:postfix
KeyFile  /etc/opendkim/mydkim.private
PidFile  /var/run/opendkim/
Socket   local:/var/run/opendkim/opendkim.sock

Change to your domain, of course.

The /etc/opendkim/mydkim.* files should already exist, when you ran "emerge --config mail-filter/opendkim" to configure it earlier.

You must publish the contents of /etc/opendkim/mydkim.txt to your DNS server. That's a subject for DNS administration, beyond the scope of this document.

Add to /etc/postfix/

smtpd_milters     = unix:/var/run/opendkim/opendkim.sock
non_smtpd_milters = unix:/var/run/opendkim/opendkim.sock

Ensure OpenDKIM runs at startup:

rc-update add opendkim

Restart services:

postfix reload
/etc/init.d/opendkim restart

Did it work?

tail -f /var/log/messages /var/log/mail.log

If it worked, great! If it didn't work, you're bouncing mail! QUICKLY back out your changes to /etc/postfix/ and restart Postfix, hopefully you won't lose too much mail.

--Krellan 08:58, 2 October 2012 (UTC)

The DKIM recommendation to use only a 512 bit key is obsolete.

On this page, Google says "We do not authenticate DKIM using less than a 1024-bit key.".

--Krellan (talk) 22:45, 29 May 2013 (UTC)

spf & dig test

Talk status
This discussion is still ongoing.

a spf section should be noted before this article.

a dig test command should be posted to ensure that your dns settings are going through properly....

its the same test for spf & dkim.
user $dig txt

666threesixes666 (talk) 03:39, 25 December 2013 (UTC)