1.安装opendkim
apt-get install opendkim opendkim-tools
2.安装完成后,输入如下命令,会在当前目录下生成公钥和私钥两个文件:default.private 和 default.txt
opendkim-genkey -r -d liangchicun.com
default.txt中的内容如下:
default._domainkey IN TXT ( "v=DKIM1; k=rsa; s=email; "
"p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBtysBgQDTMRokKth9CLVNTKk2hptWbsDpOpVP9plndvCSDY2qaGP2ZSwUmL1wLsP9b/mocrMbJUWYiF3b0qJuYoD8WbgDcMFE22rbGs5li8EHeUxx4PAXm18/zpuJk6RapqmqFkYnQK5Fq6/cSn2PjP/bEBePzAmDUvEelf/Y+KjXcQYZ7wIDAQAB" ) ; ----- DKIM key default for liangchicun.com
3.把私钥放到想要的位置,比如 /var/db/dkim/ 后执行命令
#chown -R opendkim:opendkim /var/db/dkim
#chmod 440 /var/db/dkim/default.private
4.在/etc/opendkim.conf文件中,由KeyFile参数指定上面的私钥位置,配置如下:
Syslog yes
UMask 002
Canonicalization relaxed/simple
Mode sv
Syslog yes
SyslogSuccess yes
LogWhy yes
UserID opendkim:opendkim
Socket inet:127.0.0.1:8891
DKIM配置完成,再修改Postfix中的配置,在发信的时候启用加密功能。在 /etc/postfix/main.cf 中加入如下内容:
smtpd_milters= inet:127.0.0.1:8891
milter_default_action = accept
milter_protocol = 2
non_smtpd_milters = inet:127.0.0.1:8891
5.重启postfix和opendkim
service postfix restart
service opendkim restart
6.设置域名NS记录,增加一条名为default._domainkey的TXT记录,其内容为default.txt中的文本,形式设定如下:
v=DKIM1;k=rsa;s=email;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBtysBgQDTMRokKth9CLVNTKk2hptWbsDpOpVP9plndvCSDY2qaGP2ZSwUmL1wLsP9b/mocrMbJUWYiF3b0qJuYoD8WbgDcMFE22rbGs5li8EHeUxx4PAXm18/zpuJk6RapqmqFkYnQK5Fq6/cSn2PjP/bEBePzAmDUvEelf/Y+KjXcQYZ7wIDAQAB
7.验证DKIM
然后验证:http://dkimcore.org/tools/
Check a published DKIM Core Key:
Selector:default
Domain name:liangchicun.com