Pages

Saturday, November 5, 2016

Install DKIM SPF in CentOS

wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
 rpm -ivh epel-release-6-8.noarch.rpm
 yum install dkim-milter


 vi /etc/mail/dkim-milter/dkim-filter.conf
KeyList /etc/mail/dkim-milter/keys/keylist

vi /etc/mail/dkim-milter/keys/keylist
*@tayabkhan.com:tayabkhan.com:/etc/mail/dkim/keys/tayabkhan.com/default


mkdir -p /etc/mail/dkim/keys/tayabkhan.com
cd /etc/mail/dkim/keys/tayabkhan.com
dkim-genkey -r -d tayabkhan.com
chmod 644 *
mv default.private default

cat default.txt
add those lines bottom of the zone file of tayabkhan.com
 
vi /etc/mail/dkim-milter/dkim-filter.conf
Socket inet:8892@localhost

= vi /etc/postfix/main.cf

 milter_default_action = accept
 milter_protocol = 2
 smtpd_milters = inet:localhost:8891
 non_smtpd_milters = inet:localhost:8891



/etc/init.d/dkim-milter start

chkconfig dkim-milter on
/etc/init.d/dkim-milter restart

========================
Open DKIM
==========================
yum install opendkim

cp opendkim.conf open-dkim-old

vi /etc/opendkim.conf
100 dd

AutoRestart             Yes
AutoRestartRate         10/1h
LogWhy                  Yes
Syslog                  Yes
SyslogSuccess           Yes
Mode                    sv
Canonicalization        relaxed/simple
ExternalIgnoreList      refile:/etc/opendkim/TrustedHosts
InternalHosts           refile:/etc/opendkim/TrustedHosts
KeyTable                refile:/etc/opendkim/KeyTable
SigningTable            refile:/etc/opendkim/SigningTable
SignatureAlgorithm      rsa-sha256
Socket                  inet:8891@localhost
PidFile                 /var/run/opendkim/opendkim.pid
UMask                   022
UserID                  opendkim:opendkim
TemporaryDirectory      /var/tmp

-------------
mkdir /etc/opendkim/keys/tayabkhan.com
opendkim-genkey -D /etc/opendkim/keys/tayabkhan.com/ -d tayabkhan.com -s default
chown -R opendkim: /etc/opendkim/keys/tayabkhan.com
mv /etc/opendkim/keys/tayabkhan.com/default.private /etc/opendkim/keys/tayabkhan.com/default

vi /etc/opendkim/KeyTable
default._domainkey.tayabkhan.com tayabkhan.com:default:/etc/opendkim/keys/tayabkhan.com/default


 vi /etc/opendkim/TrustedHosts
127.0.0.1
#host.example.com
#192.168.1.0/24
tayabkhan.com
ns3.tayabkhan.com
mail.tayabkhan.com
203.190.8.0/21


cat /etc/opendkim/keys/mydomain.com/default.txt
default._domainkey IN TXT "v=DKIM1; g=*; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4pWYSQmBf5fDCwQtXAM0G3NIwMElLKHpmtCMHiWpMAttPmAgUvVYFCElWeYgpkUkb0FKTbXEVYJTKNmUMABwlVMxTOBQd8lZaI574FQf6Ch/KeONRfsMrPBkG/Vdp4IKnmseJJn65lPTDZWlr7s28GeKbCQeet2HnXh65vQWHYwIDAQAB" ; ----- Tayab khan created DKIM default for tayabkhan.com
tayabkhan.com.   TXT "v=spf1 a mx ptr -all"
And add dns zone file entry above the way.


 vi /etc/opendkim/SigningTable
*@tayabkhan.com default._domainkey.tayabkhan.com



vi /etc/postfix/main.cf

smtpd_milters           = inet:127.0.0.1:8891
non_smtpd_milters       = $smtpd_milters
milter_default_action   = accept
milter_protocol         = 2




service opendkim start
chkconfig opendkim on
service postfix restart


# Enjoy#############

No comments:

Post a Comment