Geekly Articles each Day

рдмрд▓реНрдХ рдореЗрд▓рд┐рдВрдЧ рдХреЗ рд▓рд┐рдП Exim + OpenDKIM рдХрд╛рд░реНрдпрд╛рдиреНрд╡рдпрди

рдПрдХ рдирдпрд╛ рдкреНрд░реЛрдЬреЗрдХреНрдЯ рд▓реЙрдиреНрдЪ рдХрд░рдиреЗ рдХреЗ рд▓рд┐рдП рд╕рдм рдХреБрдЫ рддреИрдпрд╛рд░ рдерд╛, рдХреЗрд╡рд▓ рдПрдХ рд╕рдорд╕реНрдпрд╛ рдереА - рдЬреАрдореЗрд▓ рдиреЗ рд╕реНрдкреИрдо рдХреЛ рдкреБрд╖реНрдЯрд┐ рдкрддреНрд░ рднреЗрдЬреЗред рдЬреАрдореЗрд▓ рд╕реЗрд╡рд╛ рдХреА рдорджрдж рдХреА рд╕рдореАрдХреНрд╖рд╛ рдХрд░рдиреЗ рдХреЗ рдмрд╛рдж, рдореБрдЭреЗ рдПрд╣рд╕рд╛рд╕ рд╣реБрдЖ рдХрд┐ рдореБрдЦреНрдп рд╕рдорд╕реНрдпрд╛ рд╕рд░реНрд╡рд░ рдкрд░ рдбреАрдХреЗрдЖрдИрдПрдо рдХрд╛рд░реНрдпрд╛рдиреНрд╡рдпрди рдХреА рдХрдореА рд╣реИред рдореЗрд░реЗ рдорд╛рдорд▓реЗ рдореЗрдВ, рдПрдХреНрдЬрд┐рдо рдИрдореЗрд▓ рднреЗрдЬрдиреЗ рдореЗрдВ рд╢рд╛рдорд┐рд▓ рдерд╛ред рдПрдХреНрдЬрд┐рдо + рдбреАрдХреЗрдЖрдИрдПрдо рдХрд╛ рдПрдХ рдЧреБрдЪреНрдЫрд╛ рд▓рд╛рдЧреВ рдХрд░рдирд╛ рдЖрд╡рд╢реНрдпрдХ рдерд╛ред рдХрд╛рд╢, рдбреАрдХреЗрдЖрдИрдПрдо рдХрд╛рд░реНрдпрд╛рдиреНрд╡рдпрди рдЙрдкрдпреЛрдЧрд┐рддрд╛ рдХреЛ рдлреНрд░реАрдмреАрдПрд╕рдбреА рдореЗрдВ рдмрджрд▓рдиреЗ рдХреЗ рдХрд╛рд░рдг, рд╕рднреА рдирд┐рд░реНрджреЗрд╢ рдкреБрд░рд╛рдиреЗ рд╣реИрдВред рдореБрдЭреЗ рдХрдИ рджрд┐рдиреЛрдВ рдХреЗ рд▓рд┐рдП рдПрдХреНрдЬрд┐рдо + рдбреАрдХреЗрдЖрдИрдПрдо рдХреЛ рдиреЗрддреНрд░рд╣реАрди рд░реВрдк рд╕реЗ рдХреЙрдиреНрдлрд╝рд┐рдЧрд░ рдХрд░рдирд╛ рдкрдбрд╝рд╛ред рдЗрд╕ рд▓реЗрдЦ рдореЗрдВ рдореИрдВ Exim + DKIM рдХрд╛рд░реНрдпрд╛рдиреНрд╡рдпрди рдХреЗ рд╕рднреА рдЪрд░рдгреЛрдВ рдХрд╛ рд╡рд░реНрдгрди рдХрд░реВрдБрдЧрд╛ред

рдмрд▓реНрдХ рдореЗрд▓рд┐рдВрдЧ рдФрд░ рд╕рд╛рдЗрдЯ рд╕реЗ рд╕реНрд╡рдЪрд╛рд▓рд┐рдд рдИрдореЗрд▓ рднреЗрдЬрдиреЗ рдХреЗ рд▓рд┐рдП DKIM рдХреА рдЖрд╡рд╢реНрдпрдХрддрд╛ рд╣реЛрддреА рд╣реИред рдЗрд╕ рддрдХрдиреАрдХ рдХреЗ рдмрд┐рдирд╛, рдЬреАрдореЗрд▓ рдкрд░ рд╕реНрдкреИрдо рдлрд╝рд┐рд▓реНрдЯрд░ рд╕реНрдХреНрд░рд┐рдкреНрдЯ рджреНрд╡рд╛рд░рд╛ рднреЗрдЬреЗ рдЧрдП рдИрдореЗрд▓ рдХреА рдЕрдиреБрдорддрд┐ рдирд╣реАрдВ рджреЗрддреЗ рд╣реИрдВред рдПрдХреНрдЬрд╝рд┐рдо рдХреЗ рд▓рд┐рдП рдбреАрдХреЗрдЖрдИрдПрдо рдХреБрдВрдЬреА рдХреЗ рд╕рд╛рде рд╣рд╕реНрддрд╛рдХреНрд╖рд░рд┐рдд рдкрддреНрд░ рднреЗрдЬрдиреЗ рдХреЗ рд▓рд┐рдП, рдПрдХ рдЕрддрд┐рд░рд┐рдХреНрдд OpenDKIM рдЙрдкрдпреЛрдЧрд┐рддрд╛ рд╕реНрдерд╛рдкрд┐рдд рдХреА рдЬрд╛рдиреА рдЪрд╛рд╣рд┐рдПред рдкрд╣рд▓реЗ, dkim- рдлрд╝рд┐рд▓реНрдЯрд░ рдЙрдкрдпреЛрдЧрд┐рддрд╛ рдХрд╛ рдЙрдкрдпреЛрдЧ рдХрд┐рдпрд╛ рдЧрдпрд╛ рдерд╛, рдбреЗрд╡рд▓рдкрд░реНрд╕ рдиреЗ рдЗрд╕рдХрд╛ рд╕рдорд░реНрдерди рдХрд░рдирд╛ рдмрдВрдж рдХрд░ рджрд┐рдпрд╛ рдерд╛ред

рдореИрдВ рдЖрдкрдХреЛ рд▓реЗрдЦ рдкрдврд╝рдиреЗ рдХреА рд╕рд▓рд╛рд╣ рджреЗрддрд╛ рд╣реВрдВред рдпрд╣ рд╕реНрдкрд╖реНрдЯ рд░реВрдк рд╕реЗ рдмрддрд╛рддрд╛ рд╣реИ рдХрд┐ рдпрд╣ рдХреИрд╕реЗ рд╕реБрдирд┐рд╢реНрдЪрд┐рдд рдХрд░реЗрдВ рдХрд┐ рдЖрдкрдХреЗ рдкрддреНрд░ рд╕реНрдкреИрдо рдореЗрдВ рди рдкрдбрд╝реЗрдВред рдПрдХреНрдЬрд╝рд┐рдо + рдбреАрдХреЗрдЖрдИрдПрдо рдмрдВрдбрд▓ рдХреЛ рд▓рд╛рдЧреВ рдХрд░рдиреЗ рдХреЗ рд▓рд┐рдП рд▓реЗрдЦ рдкреБрд░рд╛рдирд╛ рд╣реИ, рдмрд╛рдХреА рд╕рдм рдХреБрдЫ рдкреНрд░рд╛рд╕рдВрдЧрд┐рдХ рд╣реИред

рд╕реНрдерд╛рдкрдирд╛ 5 рдЪрд░рдгреЛрдВ рдореЗрдВ рдХреА рдЧрдИред



1. OpenDKIM рд╕реНрдерд╛рдкрд┐рдд рдХрд░рдирд╛

cd /usr/ports/mail/opendkim
make install clean

2. рдХреБрдВрдЬрд┐рдпрд╛рдБ рдмрдирд╛рдПрдБ рдФрд░ OpenDKIM рдФрд░ DNS рд░рд┐рдХреЙрд░реНрдб рдХреЙрдиреНрдлрд╝рд┐рдЧрд░ рдХрд░реЗрдВ

рд╕рдмрд╕реЗ рдкрд╣рд▓реЗ рдЖрдкрдХреЛ рдПрдХ рдорд╣рддреНрд╡рдкреВрд░реНрдг рдЬреЛрдбрд╝реА рдЙрддреНрдкрдиреНрди рдХрд░рдиреЗ рдХреА рдЖрд╡рд╢реНрдпрдХрддрд╛ рд╣реИ - рдмрд╛рд╣рд░реА рдФрд░ рдЖрдВрддрд░рд┐рдХред рдмрд╛рд╣рд░реА рдХреЛ DNS рд░рд┐рдХреЙрд░реНрдб рдореЗрдВ рд╕рдВрдЧреНрд░рд╣реАрдд рдХрд┐рдпрд╛ рдЬрд╛рдПрдЧрд╛, рдФрд░ рдЖрдВрддрд░рд┐рдХ - рд╕рд░реНрд╡рд░ рдкрд░ред

рддреЛ, рд╣рдо рдХреБрдВрдЬреА рдЙрддреНрдкрдиреНрди рдХрд░рддреЗ рд╣реИрдВ:

opendkim-genkey -D /var/db/opendkim -d <domain.name> -s

/var/db/opendkim тАФ ,
<domain.name> - (example.com)
selector тАФ , (, mail). DNS exim`.

:

opendkim-genkey -D /var/db/opendkim -d example.com -s mail

, тАФ mail.txt (mail тАФ ) mail.private. :

cat /var/db/opendkim/mail.txt
mail._domainkey IN TXT ( "v=DKIM1; k=rsa; t=s; " "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN тАж mpwIDAQAB" ) ; ----- DKIM key mail for example.com.

mail.txt DNS example.com, ( ):

mail._domainkey IN TXT "v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGS тАж wIDAQAB"

DNS :

_adsp._domainkey.example.com IN TXT "dkim=unknown"

mail.private , exim . :

chown mailnull:mail /var/db/opendkim/mail.private
chmod 600 /var/db/opendkim/mail.private

config opendkim mail.private. config:

vim (or something else) /usr/local/etc/opendkim.conf

# This is a simple config file for signing and verifying

LogWhy yes
Syslog yes
SyslogSuccess yes

Canonicalization relaxed/simple

Domain example.com
Selector mail
KeyFile /var/db/opendkim/mail.private

Socket inet:8891@localhost

ReportAddress support@example.com
SendReports yes

## Hosts to sign email for - 127.0.0.1 is default
## See the OPERATION section of opendkim(8) for more information
#
# InternalHosts 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12

## For secondary mailservers - indicates not to sign or verify messages
## from these hosts
#
# PeerList XXXX

# PidFile /var/run/opendkim/opendkim.pid

, .

C opendkim` . Exim.

3. Exim
transports:

vim /usr/local/etc/exim/configure

begin transports :

DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /var/db/opendkim/mail.private #- !!!!
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}

:

remote_smtp:
driver = smtp

:

remote_smtp:
driver = smtp
dkim_domain = DKIM_DOMAIN
dkim_selector = mail # - .
dkim_private_key = DKIM_PRIVATE_KEY

4. milter_opendkim
/usr/local/etc/rc.d/milter-opendkim start

5. Exim
/usr/local/etc/rc.d/exim reload

Exim , .

DKIM :

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d= example.com; s=mail;
h=Date:Message-Id:From:Content-type:MIME-Version:Subject:To; bh=RUNтАж0qKg=;
b=EEla1LMRmтАжQ6CYJM/VHg=;
Received: from example by xxx.freehost.com.ua with local (Exim 4.80.1 (FreeBSD))

тАУ DKIM .

, . "" . . . .
opendkim-genkey -D /var/db/opendkim -d <domain.name> -s

/var/db/opendkim тАФ ,
<domain.name> - (example.com)
selector тАФ , (, mail). DNS exim`.

:

opendkim-genkey -D /var/db/opendkim -d example.com -s mail

, тАФ mail.txt (mail тАФ ) mail.private. :

cat /var/db/opendkim/mail.txt
mail._domainkey IN TXT ( "v=DKIM1; k=rsa; t=s; " "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN тАж mpwIDAQAB" ) ; ----- DKIM key mail for example.com.

mail.txt DNS example.com, ( ):

mail._domainkey IN TXT "v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGS тАж wIDAQAB"

DNS :

_adsp._domainkey.example.com IN TXT "dkim=unknown"

mail.private , exim . :

chown mailnull:mail /var/db/opendkim/mail.private
chmod 600 /var/db/opendkim/mail.private

config opendkim mail.private. config:

vim (or something else) /usr/local/etc/opendkim.conf

# This is a simple config file for signing and verifying

LogWhy yes
Syslog yes
SyslogSuccess yes

Canonicalization relaxed/simple

Domain example.com
Selector mail
KeyFile /var/db/opendkim/mail.private

Socket inet:8891@localhost

ReportAddress support@example.com
SendReports yes

## Hosts to sign email for - 127.0.0.1 is default
## See the OPERATION section of opendkim(8) for more information
#
# InternalHosts 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12

## For secondary mailservers - indicates not to sign or verify messages
## from these hosts
#
# PeerList XXXX

# PidFile /var/run/opendkim/opendkim.pid

, .

C opendkim` . Exim.

3. Exim
transports:

vim /usr/local/etc/exim/configure

begin transports :

DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /var/db/opendkim/mail.private #- !!!!
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}

:

remote_smtp:
driver = smtp

:

remote_smtp:
driver = smtp
dkim_domain = DKIM_DOMAIN
dkim_selector = mail # - .
dkim_private_key = DKIM_PRIVATE_KEY

4. milter_opendkim
/usr/local/etc/rc.d/milter-opendkim start

5. Exim
/usr/local/etc/rc.d/exim reload

Exim , .

DKIM :

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d= example.com; s=mail;
h=Date:Message-Id:From:Content-type:MIME-Version:Subject:To; bh=RUNтАж0qKg=;
b=EEla1LMRmтАжQ6CYJM/VHg=;
Received: from example by xxx.freehost.com.ua with local (Exim 4.80.1 (FreeBSD))

тАУ DKIM .

, . "" . . . .
opendkim-genkey -D /var/db/opendkim -d <domain.name> -s

/var/db/opendkim тАФ ,
<domain.name> - (example.com)
selector тАФ , (, mail). DNS exim`.

:

opendkim-genkey -D /var/db/opendkim -d example.com -s mail

, тАФ mail.txt (mail тАФ ) mail.private. :

cat /var/db/opendkim/mail.txt
mail._domainkey IN TXT ( "v=DKIM1; k=rsa; t=s; " "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN тАж mpwIDAQAB" ) ; ----- DKIM key mail for example.com.

mail.txt DNS example.com, ( ):

mail._domainkey IN TXT "v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGS тАж wIDAQAB"

DNS :

_adsp._domainkey.example.com IN TXT "dkim=unknown"

mail.private , exim . :

chown mailnull:mail /var/db/opendkim/mail.private
chmod 600 /var/db/opendkim/mail.private

config opendkim mail.private. config:

vim (or something else) /usr/local/etc/opendkim.conf

# This is a simple config file for signing and verifying

LogWhy yes
Syslog yes
SyslogSuccess yes

Canonicalization relaxed/simple

Domain example.com
Selector mail
KeyFile /var/db/opendkim/mail.private

Socket inet:8891@localhost

ReportAddress support@example.com
SendReports yes

## Hosts to sign email for - 127.0.0.1 is default
## See the OPERATION section of opendkim(8) for more information
#
# InternalHosts 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12

## For secondary mailservers - indicates not to sign or verify messages
## from these hosts
#
# PeerList XXXX

# PidFile /var/run/opendkim/opendkim.pid

, .

C opendkim` . Exim.

3. Exim
transports:

vim /usr/local/etc/exim/configure

begin transports :

DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /var/db/opendkim/mail.private #- !!!!
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}

:

remote_smtp:
driver = smtp

:

remote_smtp:
driver = smtp
dkim_domain = DKIM_DOMAIN
dkim_selector = mail # - .
dkim_private_key = DKIM_PRIVATE_KEY

4. milter_opendkim
/usr/local/etc/rc.d/milter-opendkim start

5. Exim
/usr/local/etc/rc.d/exim reload

Exim , .

DKIM :

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d= example.com; s=mail;
h=Date:Message-Id:From:Content-type:MIME-Version:Subject:To; bh=RUNтАж0qKg=;
b=EEla1LMRmтАжQ6CYJM/VHg=;
Received: from example by xxx.freehost.com.ua with local (Exim 4.80.1 (FreeBSD))

тАУ DKIM .

, . "" . . . .
opendkim-genkey -D /var/db/opendkim -d <domain.name> -s

/var/db/opendkim тАФ ,
<domain.name> - (example.com)
selector тАФ , (, mail). DNS exim`.

:

opendkim-genkey -D /var/db/opendkim -d example.com -s mail

, тАФ mail.txt (mail тАФ ) mail.private. :

cat /var/db/opendkim/mail.txt
mail._domainkey IN TXT ( "v=DKIM1; k=rsa; t=s; " "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN тАж mpwIDAQAB" ) ; ----- DKIM key mail for example.com.

mail.txt DNS example.com, ( ):

mail._domainkey IN TXT "v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGS тАж wIDAQAB"

DNS :

_adsp._domainkey.example.com IN TXT "dkim=unknown"

mail.private , exim . :

chown mailnull:mail /var/db/opendkim/mail.private
chmod 600 /var/db/opendkim/mail.private

config opendkim mail.private. config:

vim (or something else) /usr/local/etc/opendkim.conf

# This is a simple config file for signing and verifying

LogWhy yes
Syslog yes
SyslogSuccess yes

Canonicalization relaxed/simple

Domain example.com
Selector mail
KeyFile /var/db/opendkim/mail.private

Socket inet:8891@localhost

ReportAddress support@example.com
SendReports yes

## Hosts to sign email for - 127.0.0.1 is default
## See the OPERATION section of opendkim(8) for more information
#
# InternalHosts 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12

## For secondary mailservers - indicates not to sign or verify messages
## from these hosts
#
# PeerList XXXX

# PidFile /var/run/opendkim/opendkim.pid

, .

C opendkim` . Exim.

3. Exim
transports:

vim /usr/local/etc/exim/configure

begin transports :

DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /var/db/opendkim/mail.private #- !!!!
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}

:

remote_smtp:
driver = smtp

:

remote_smtp:
driver = smtp
dkim_domain = DKIM_DOMAIN
dkim_selector = mail # - .
dkim_private_key = DKIM_PRIVATE_KEY

4. milter_opendkim
/usr/local/etc/rc.d/milter-opendkim start

5. Exim
/usr/local/etc/rc.d/exim reload

Exim , .

DKIM :

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d= example.com; s=mail;
h=Date:Message-Id:From:Content-type:MIME-Version:Subject:To; bh=RUNтАж0qKg=;
b=EEla1LMRmтАжQ6CYJM/VHg=;
Received: from example by xxx.freehost.com.ua with local (Exim 4.80.1 (FreeBSD))

тАУ DKIM .

, . "" . . . .
opendkim-genkey -D /var/db/opendkim -d <domain.name> -s

/var/db/opendkim тАФ ,
<domain.name> - (example.com)
selector тАФ , (, mail). DNS exim`.

:

opendkim-genkey -D /var/db/opendkim -d example.com -s mail

, тАФ mail.txt (mail тАФ ) mail.private. :

cat /var/db/opendkim/mail.txt
mail._domainkey IN TXT ( "v=DKIM1; k=rsa; t=s; " "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN тАж mpwIDAQAB" ) ; ----- DKIM key mail for example.com.

mail.txt DNS example.com, ( ):

mail._domainkey IN TXT "v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGS тАж wIDAQAB"

DNS :

_adsp._domainkey.example.com IN TXT "dkim=unknown"

mail.private , exim . :

chown mailnull:mail /var/db/opendkim/mail.private
chmod 600 /var/db/opendkim/mail.private

config opendkim mail.private. config:

vim (or something else) /usr/local/etc/opendkim.conf

# This is a simple config file for signing and verifying

LogWhy yes
Syslog yes
SyslogSuccess yes

Canonicalization relaxed/simple

Domain example.com
Selector mail
KeyFile /var/db/opendkim/mail.private

Socket inet:8891@localhost

ReportAddress support@example.com
SendReports yes

## Hosts to sign email for - 127.0.0.1 is default
## See the OPERATION section of opendkim(8) for more information
#
# InternalHosts 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12

## For secondary mailservers - indicates not to sign or verify messages
## from these hosts
#
# PeerList XXXX

# PidFile /var/run/opendkim/opendkim.pid

, .

C opendkim` . Exim.

3. Exim
transports:

vim /usr/local/etc/exim/configure

begin transports :

DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /var/db/opendkim/mail.private #- !!!!
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}

:

remote_smtp:
driver = smtp

:

remote_smtp:
driver = smtp
dkim_domain = DKIM_DOMAIN
dkim_selector = mail # - .
dkim_private_key = DKIM_PRIVATE_KEY

4. milter_opendkim
/usr/local/etc/rc.d/milter-opendkim start

5. Exim
/usr/local/etc/rc.d/exim reload

Exim , .

DKIM :

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d= example.com; s=mail;
h=Date:Message-Id:From:Content-type:MIME-Version:Subject:To; bh=RUNтАж0qKg=;
b=EEla1LMRmтАжQ6CYJM/VHg=;
Received: from example by xxx.freehost.com.ua with local (Exim 4.80.1 (FreeBSD))

тАУ DKIM .

, . "" . . . .
opendkim-genkey -D /var/db/opendkim -d <domain.name> -s

/var/db/opendkim тАФ ,
<domain.name> - (example.com)
selector тАФ , (, mail). DNS exim`.

:

opendkim-genkey -D /var/db/opendkim -d example.com -s mail

, тАФ mail.txt (mail тАФ ) mail.private. :

cat /var/db/opendkim/mail.txt
mail._domainkey IN TXT ( "v=DKIM1; k=rsa; t=s; " "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN тАж mpwIDAQAB" ) ; ----- DKIM key mail for example.com.

mail.txt DNS example.com, ( ):

mail._domainkey IN TXT "v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGS тАж wIDAQAB"

DNS :

_adsp._domainkey.example.com IN TXT "dkim=unknown"

mail.private , exim . :

chown mailnull:mail /var/db/opendkim/mail.private
chmod 600 /var/db/opendkim/mail.private

config opendkim mail.private. config:

vim (or something else) /usr/local/etc/opendkim.conf

# This is a simple config file for signing and verifying

LogWhy yes
Syslog yes
SyslogSuccess yes

Canonicalization relaxed/simple

Domain example.com
Selector mail
KeyFile /var/db/opendkim/mail.private

Socket inet:8891@localhost

ReportAddress support@example.com
SendReports yes

## Hosts to sign email for - 127.0.0.1 is default
## See the OPERATION section of opendkim(8) for more information
#
# InternalHosts 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12

## For secondary mailservers - indicates not to sign or verify messages
## from these hosts
#
# PeerList XXXX

# PidFile /var/run/opendkim/opendkim.pid

, .

C opendkim` . Exim.

3. Exim
transports:

vim /usr/local/etc/exim/configure

begin transports :

DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /var/db/opendkim/mail.private #- !!!!
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}

:

remote_smtp:
driver = smtp

:

remote_smtp:
driver = smtp
dkim_domain = DKIM_DOMAIN
dkim_selector = mail # - .
dkim_private_key = DKIM_PRIVATE_KEY

4. milter_opendkim
/usr/local/etc/rc.d/milter-opendkim start

5. Exim
/usr/local/etc/rc.d/exim reload

Exim , .

DKIM :

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d= example.com; s=mail;
h=Date:Message-Id:From:Content-type:MIME-Version:Subject:To; bh=RUNтАж0qKg=;
b=EEla1LMRmтАжQ6CYJM/VHg=;
Received: from example by xxx.freehost.com.ua with local (Exim 4.80.1 (FreeBSD))

тАУ DKIM .

, . "" . . . .
opendkim-genkey -D /var/db/opendkim -d <domain.name> -s

/var/db/opendkim тАФ ,
<domain.name> - (example.com)
selector тАФ , (, mail). DNS exim`.

:

opendkim-genkey -D /var/db/opendkim -d example.com -s mail

, тАФ mail.txt (mail тАФ ) mail.private. :

cat /var/db/opendkim/mail.txt
mail._domainkey IN TXT ( "v=DKIM1; k=rsa; t=s; " "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN тАж mpwIDAQAB" ) ; ----- DKIM key mail for example.com.

mail.txt DNS example.com, ( ):

mail._domainkey IN TXT "v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGS тАж wIDAQAB"

DNS :

_adsp._domainkey.example.com IN TXT "dkim=unknown"

mail.private , exim . :

chown mailnull:mail /var/db/opendkim/mail.private
chmod 600 /var/db/opendkim/mail.private

config opendkim mail.private. config:

vim (or something else) /usr/local/etc/opendkim.conf

# This is a simple config file for signing and verifying

LogWhy yes
Syslog yes
SyslogSuccess yes

Canonicalization relaxed/simple

Domain example.com
Selector mail
KeyFile /var/db/opendkim/mail.private

Socket inet:8891@localhost

ReportAddress support@example.com
SendReports yes

## Hosts to sign email for - 127.0.0.1 is default
## See the OPERATION section of opendkim(8) for more information
#
# InternalHosts 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12

## For secondary mailservers - indicates not to sign or verify messages
## from these hosts
#
# PeerList XXXX

# PidFile /var/run/opendkim/opendkim.pid

, .

C opendkim` . Exim.

3. Exim
transports:

vim /usr/local/etc/exim/configure

begin transports :

DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /var/db/opendkim/mail.private #- !!!!
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}

:

remote_smtp:
driver = smtp

:

remote_smtp:
driver = smtp
dkim_domain = DKIM_DOMAIN
dkim_selector = mail # - .
dkim_private_key = DKIM_PRIVATE_KEY

4. milter_opendkim
/usr/local/etc/rc.d/milter-opendkim start

5. Exim
/usr/local/etc/rc.d/exim reload

Exim , .

DKIM :

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d= example.com; s=mail;
h=Date:Message-Id:From:Content-type:MIME-Version:Subject:To; bh=RUNтАж0qKg=;
b=EEla1LMRmтАжQ6CYJM/VHg=;
Received: from example by xxx.freehost.com.ua with local (Exim 4.80.1 (FreeBSD))

тАУ DKIM .

, . "" . . . .
opendkim-genkey -D /var/db/opendkim -d <domain.name> -s

/var/db/opendkim тАФ ,
<domain.name> - (example.com)
selector тАФ , (, mail). DNS exim`.

:

opendkim-genkey -D /var/db/opendkim -d example.com -s mail

, тАФ mail.txt (mail тАФ ) mail.private. :

cat /var/db/opendkim/mail.txt
mail._domainkey IN TXT ( "v=DKIM1; k=rsa; t=s; " "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN тАж mpwIDAQAB" ) ; ----- DKIM key mail for example.com.

mail.txt DNS example.com, ( ):

mail._domainkey IN TXT "v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGS тАж wIDAQAB"

DNS :

_adsp._domainkey.example.com IN TXT "dkim=unknown"

mail.private , exim . :

chown mailnull:mail /var/db/opendkim/mail.private
chmod 600 /var/db/opendkim/mail.private

config opendkim mail.private. config:

vim (or something else) /usr/local/etc/opendkim.conf

# This is a simple config file for signing and verifying

LogWhy yes
Syslog yes
SyslogSuccess yes

Canonicalization relaxed/simple

Domain example.com
Selector mail
KeyFile /var/db/opendkim/mail.private

Socket inet:8891@localhost

ReportAddress support@example.com
SendReports yes

## Hosts to sign email for - 127.0.0.1 is default
## See the OPERATION section of opendkim(8) for more information
#
# InternalHosts 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12

## For secondary mailservers - indicates not to sign or verify messages
## from these hosts
#
# PeerList XXXX

# PidFile /var/run/opendkim/opendkim.pid

, .

C opendkim` . Exim.

3. Exim
transports:

vim /usr/local/etc/exim/configure

begin transports :

DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /var/db/opendkim/mail.private #- !!!!
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}

:

remote_smtp:
driver = smtp

:

remote_smtp:
driver = smtp
dkim_domain = DKIM_DOMAIN
dkim_selector = mail # - .
dkim_private_key = DKIM_PRIVATE_KEY

4. milter_opendkim
/usr/local/etc/rc.d/milter-opendkim start

5. Exim
/usr/local/etc/rc.d/exim reload

Exim , .

DKIM :

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d= example.com; s=mail;
h=Date:Message-Id:From:Content-type:MIME-Version:Subject:To; bh=RUNтАж0qKg=;
b=EEla1LMRmтАжQ6CYJM/VHg=;
Received: from example by xxx.freehost.com.ua with local (Exim 4.80.1 (FreeBSD))

тАУ DKIM .

, . "" . . . .
opendkim-genkey -D /var/db/opendkim -d <domain.name> -s

/var/db/opendkim тАФ ,
<domain.name> - (example.com)
selector тАФ , (, mail). DNS exim`.

:

opendkim-genkey -D /var/db/opendkim -d example.com -s mail

, тАФ mail.txt (mail тАФ ) mail.private. :

cat /var/db/opendkim/mail.txt
mail._domainkey IN TXT ( "v=DKIM1; k=rsa; t=s; " "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN тАж mpwIDAQAB" ) ; ----- DKIM key mail for example.com.

mail.txt DNS example.com, ( ):

mail._domainkey IN TXT "v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGS тАж wIDAQAB"

DNS :

_adsp._domainkey.example.com IN TXT "dkim=unknown"

mail.private , exim . :

chown mailnull:mail /var/db/opendkim/mail.private
chmod 600 /var/db/opendkim/mail.private

config opendkim mail.private. config:

vim (or something else) /usr/local/etc/opendkim.conf

# This is a simple config file for signing and verifying

LogWhy yes
Syslog yes
SyslogSuccess yes

Canonicalization relaxed/simple

Domain example.com
Selector mail
KeyFile /var/db/opendkim/mail.private

Socket inet:8891@localhost

ReportAddress support@example.com
SendReports yes

## Hosts to sign email for - 127.0.0.1 is default
## See the OPERATION section of opendkim(8) for more information
#
# InternalHosts 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12

## For secondary mailservers - indicates not to sign or verify messages
## from these hosts
#
# PeerList XXXX

# PidFile /var/run/opendkim/opendkim.pid

, .

C opendkim` . Exim.

3. Exim
transports:

vim /usr/local/etc/exim/configure

begin transports :

DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /var/db/opendkim/mail.private #- !!!!
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}

:

remote_smtp:
driver = smtp

:

remote_smtp:
driver = smtp
dkim_domain = DKIM_DOMAIN
dkim_selector = mail # - .
dkim_private_key = DKIM_PRIVATE_KEY

4. milter_opendkim
/usr/local/etc/rc.d/milter-opendkim start

5. Exim
/usr/local/etc/rc.d/exim reload

Exim , .

DKIM :

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d= example.com; s=mail;
h=Date:Message-Id:From:Content-type:MIME-Version:Subject:To; bh=RUNтАж0qKg=;
b=EEla1LMRmтАжQ6CYJM/VHg=;
Received: from example by xxx.freehost.com.ua with local (Exim 4.80.1 (FreeBSD))

тАУ DKIM .

, . "" . . . .

Source: https://habr.com/ru/post/In163577/

More articles:


All Articles