postfix opendkim questions

Discussion in 'Server Operation' started by Tomislav Aurednik, Nov 23, 2016.

  1. Hi, I'm running a Ubuntu 14.04 mail server and I installed opendkim. For the domains I create the DNS TXT record for dkim the mail header says
    dkim=pass (1024-bit key)
    Received: from ([])

    but on domains that I don't create the record it trys dkim but does not work
    dkim=neutral reason="invalid (public key: not available)"
    Received: from ([])

    I have configured my /etc/opendkim.conf
    Domain *
    KeyFile /etc/postfix/dkim.key
    Selector dkim
    SOCKET inet:8891@localhost

    # Common settings. See dkim-filter.conf(5) for more information.
    AutoRestart yes
    Background yes
    Canonicalization relaxed/relaxed
    DNSTimeout 5
    Mode sv
    SignatureAlgorithm rsa-sha256
    SubDomains no
    #UseASPDiscard no
    #Version rfc4871
    X-Header no

    Added few lines to postfix and added no_milters to receive_override_options in
    milter_default_action = accept
    milter_protocol = 2
    smtpd_milters = inet:localhost:8891
    non_smtpd_milters = inet:localhost:8891

    Then created the key with opendkim-genkey -t -s dkim -d *
    And added the DNS TXT record
    Text v=DKIM1; g=*; k=rsa; p=<the content of the key>

    Now I wonder:
    1. Does the ispconfig install and clients mail domains count as a multi domain mail server?
    2. Do I need to create a rsa key for every clients mail domain?
    3. Can I create a rsa key just for my servers FQDN and use it for all or is there a way to create 1 key for all (like the startls cert that i use for all domains)?
    4. Any other advice?
  2. So no one knows anything about DKIM?

Share This Page