Debian 9 DKIM sign outgoing mails sent by host

Discussion in 'Tips/Tricks/Mods' started by, Jul 18, 2018.

  1. Well-Known Member HowtoForge Supporter

    If you have a server called "" it is recommended not to add this to the virtual emaildomain list to avoid some issues.
    However you won't be able to add a dkim-key using the interface then.

    cd /var/lib/amavis/dkim
    amavisd-new genrsa /var/lib/dkim/ 2048
    amavisd-new showkeys
    you see the public dns entry along the public key, place it to the .public file accordingly to the contents of the other .public files.
    And chmod 644 both new files, I'm not a fan of it but that's how it's currently on my latest ispconfig.

    add a new file
    make sure you use the right selector hostname/filename

    Add the entry to your dns of course - voila your server is capable of signing mails sent by a logged in user, monit/munin mails .....
    don't forget the mx,spf,dmarc,..... entries for your subdomain / hostname aswell of course in case needed.
    If needed, restart your amavisd-new service

    ah yeah to use some mail testing tools you might want to add something to your
    root: [email protected]
    and run
    $newaliases to receive mail sent to root@hostname
    Last edited: Jul 18, 2018
    Jesse Norell likes this.
  2. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Would that be generic enough to add an option under System Config > {server} > Mail ? The DNS could be updated automatically if the domain is already handled by ISPConfig, and displayed on screen for cut/paste.
  3. Well-Known Member HowtoForge Supporter

    That would be awesome :)

Share This Page