Quick And Easy Setup For DomainKeys Using Ubuntu, Postfix And Dkim-Filter


This is a quick tutorial for setting up DomainKeys on Ubuntu (I used 6.06 LTS, but it should work the same on other releases) using dkim-filter with Postfix, so that email from your domain does not constantly end up in Yahoo's spam filter.

First install dkim-filter from the repositories:

sudo apt-get install dkim-filter

Next create a location for storing the public and private keys required:

sudo mkdir /var/dkim-filter

Change into that directory and create the keys:

cd /var/dkim-filter
sudo openssl genrsa -out private.key 1024
sudo openssl rsa -in private.key -out public.key -pubout -outform PEM

Edit the dkim-filter configuration file. Almost everything is commented out by default; here is a copy of my config. Replace DOMAIN.TLD with your domain name.

# Log to syslog
Syslog			yes
# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
#UMask			002

# Sign for DOMAIN.TLD with key in /var/dkim-filter/private.key using
# selector 'mail' (e.g. mail._domainkey.DOMAIN.TLD)
Domain			DOMAIN.TLD
KeyFile			/var/dkim-filter/private.key
Selector		mail

# Common settings. See dkim-filter.conf(5) for more information.
AutoRestart		no
Background		yes
Canonicalization	simple
DNSTimeout		5
Mode			sv
SignatureAlgorithm	rsa-sha256
SubDomains		no
UseSSPDeny		no
X-Header		no

At this point you should be able to successfully start the service and check for any errors in the syslog.

sudo /etc/init.d/dkim-filter start

Now add the selector and public key to your DNS zone file. Change DOMAIN.TLD to match your domain name, and paste the base64 key data from /var/dkim-filter/public.key (not the BEGIN/END lines) after the p=

Make sure there are no spaces or line breaks!

;;;; MAKE MANUAL ENTRIES BELOW THIS LINE! ;;;;

mail._domainkey.DOMAIN.TLD. IN TXT "k=rsa; t=y; p=MIGfKh1FC.....bfQIDAQAB"
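
The step above, as an added example that is not part of the original tutorial: a shell function that strips the PEM armor lines and line breaks from the public key file and prints the TXT record in the form shown. The function names, the sample key text (constructed, not a real key) and the splitting of values longer than 255 bytes into several quoted strings are additions made here.

```shell
#!/bin/sh
# Added example, not part of the original tutorial.

# Constructed placeholder in PEM layout (NOT a real key); in practice the
# input is /var/dkim-filter/public.key from the openssl step.
sample_pem() {
    cat <<'EOF'
-----BEGIN PUBLIC KEY-----
AAAABBBBCCCCDDDD
EEEEFFFF
-----END PUBLIC KEY-----
EOF
}

# dkim_p_value FILE: base64 body of the PEM file on one line, with the
# BEGIN/END armor lines and all whitespace removed.
dkim_p_value() {
    grep -v '^-----' "$1" | tr -d ' \t\r\n'
}

# dkim_txt_record SELECTOR DOMAIN FILE: print the zone-file TXT record.
# Returns non-zero if the key body is empty or not pure base64.
dkim_txt_record() {
    p=$(dkim_p_value "$3") || return 1
    case $p in
        ''|*[!A-Za-z0-9+/=]*) echo "invalid key data in $3" >&2; return 1 ;;
    esac
    # t=y (testing flag) is kept from the tutorial's record. One TXT
    # character-string holds at most 255 bytes, so longer values are split
    # into several quoted strings, which DNS clients concatenate.
    rdata=$(printf '%s' "k=rsa; t=y; p=$p" | fold -w 255 |
        sed 's/.*/"&"/' | tr '\n' ' ' | sed 's/ $//')
    printf '%s._domainkey.%s. IN TXT %s\n' "$1" "$2" "$rdata"
}

# Demo on the constructed sample.
tmp=$(mktemp)
sample_pem > "$tmp"
dkim_txt_record mail DOMAIN.TLD "$tmp"
rm -f "$tmp"
```

Called as dkim_txt_record mail DOMAIN.TLD /var/dkim-filter/public.key, it prints a line that can be pasted into the zone file.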

Edit the Postfix configuration file...

sudo vi /etc/postfix/main.cf

... and add the following to the bottom of the file:

milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891

Next restart BIND and Postfix:

sudo /etc/init.d/bind9 restart
sudo /etc/init.d/postfix restart

Test by sending a mail to a Yahoo account and checking the headers for the DomainKeys status.

Ref From: howtoforge