May 142013

Ci spiace, ma questo articolo è disponibile soltanto in Inglese Americano.

Popular Posts:

Flattr this!

  12 Responses to “(English) Using OpenDKIM to Sign Postfix Mails on Debian”

  1. Interesting article. Thanks!

    Does this also work for vitual domains? Perhaps you might do another howto for using OpenDKIM with virtual domains.

  2. Of course it works, one just needs to create separate setting for each of his domains. Check step 3. 🙂

  3. You could perhaps modify the schema : publish/retrieve the public key (and not the private key)

  4. Why did you set milter protocol 2, not 6?

  5. at first: thank you very much for your tutorial, but i found one thing not working as expected when sending emails to this test service:
    it tells mit that “public key: does not support hash algorithm ‘sha256′”, so i recreated the keys with the following option removed: “-h rsa-sha256”
    No everything works like a charm.

  6. Thank you very much for your helpful tutorial.

    I had an issue with opendkim failing to find the key, throwing an error like this:
    signing table references unknown key ''

    I was able to solve this problem by modifying the entry for KeyTable in the opendkim configuration file (shown in step 10 above). Removing the “refile:” portion of the KeyTable line did the trick:
    KeyTable /etc/opendkim/KeyTable

    (Note that the SigningTable entry should still use “refile:”.)

    For reference, I am using opendkim 2.6.8. Perhaps the format for the configuration file has changed between versions.

  7. The “-h” parameter should be only “sha256” and not “rsa-sha256”.
    From the reference RFC:

    key-h-tag = %x68 [FWS] "=" [FWS] key-h-tag-alg
    *( [FWS] ":" [FWS] key-h-tag-alg )
    key-h-tag-alg = "sha1" / "sha256" / x-key-h-tag-alg
    x-key-h-tag-alg = hyphenated-word ; for future extension

  8. Help me out whenever I need to freshly set up my server! You should consier accepting tips via Bitcoin. 😉

  9. Thank so much, this article is very helpful, but i found error in “OversignHeaders From” on step 10, i don’t know how to fix this. please help me.

  10. Nice guide but it needs an update opendkim-genkey -r -h rsa-sha256 -d -s mail should be
    opendkim-genkey -r -h sha256 -d -s mail

    else it generates a permerror testing dkim at elandsys auto test

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>