DomainKeys Identified Mail (DKIM)

DomainKeys Identified Mail (DKIM) lets an organization take responsibility for a message while it is in transit. The organization is a handler of the message, either as its originator or as an intermediary. Their reputation is the basis for evaluating whether to trust the message for delivery. Technically DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication.


 * RFC 4871

Building Sendmail's libmailter From Source
First we need to download Sendmail so we can build against it's libraries. cd /var/src wget ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.3.tar.gz tar -xzf sendmail.8.14.3.tar.gz cd sendmail-8.14.3/libmilter/ Now lets compile the libmailter make echo $? And install it make install echo $?
 * http://www.howtoforge.com/postfix-dkim-with-dkim-milter-centos5.1

Building DKIM-Milter From Source
ln -s /usr/share/man /usr/man cd /var/src wget http://downloads.sourceforge.net/project/dkim-milter/DKIM%20Milter/2.8.3/dkim-milter-2.8.3.tar.gz tar -xzf dkim-milter-2.8.3.tar.gz cd dkim-milter-2.8.3 We can now compile make echo $?
 * http://sourceforge.net/projects/dkim-milter/

Installing DKIM-Milter
make install echo $?

cd dkim-filter/ cp -f dkim-genkey.sh /usr/local/bin/dkim-genkey.sh If this is the first time you are installing DKIM-Milter run the following: mkdir /etc/postfix/dkim-milter chown postfix:postfix /etc/postfix/dkim-milter You also need to install an init script, mine is explained below. wget http://wiki.mattrude.com/images/4/43/Dkim-milter.sh mv Dkim-milter.sh /etc/init.d/dkim-milter chmod 755 /etc/init.d/dkim-milter chkconfig dkim-milter on service dkim-milter start

Building the DKIM Keys
To build a key, one for each domain. From the source directory from above, go into the dkim-filter folder: cd dkim-filter/ And Run dkim-genkey.sh to create the key as below. dkim-genkey.sh -d example1.com mv default.private /etc/dkim-milter/example1.com_default.key.pem mv default.txt /etc/dkim-milter/example1.com.txt Now add the domain and the key file to the /etc/init.d/dkim-milter. To have multiple domains setup your init file as below: SIGNING_DOMAIN="example1.com,example2.com,example3.com" KEYFILE="/etc/dkim-milter/example1.com_default.key.pem" KEYFILE="/etc/dkim-milter/example2.com_default.key.pem" KEYFILE="/etc/dkim-milter/example3.com_default.key.pem"

Configuring Postfix for use with DKIM-Milter
In your /etc/postfix/master.cf file, add the following (BOLD) entry's. smtp     inet  n       -       -       -       -       smtpd -o content_filter=spamassassin -o smtpd_milters=unix:/var/run/dkim-milter/dkim.sock
 * 1) service type  private unpriv  chroot  wakeup  maxproc command + args
 * 2)               (yes)   (yes)   (yes)   (never) (50)
 * 1)               (yes)   (yes)   (yes)   (never) (50)

DKIM & DomainKey Testers

 * [mailto:sa-test@sendmail.net sa-test@sendmail.net] - Tests DKIM, DomainKey, SenderID, & SPF
 * [mailto:check-dk@verifier.port25.com check-dk@verifier.port25.com] - Tests DKIM and DomainKey
 * [mailto:dkim-test@testing.dkim.org dkim-test@testing.dkim.org] - Tests DKIM only
 * [mailto:dk@crynwr.com dk@crynwr.com] - Tests DomainKey only
 * [mailto:dktest@eserv.ru dktest@eserv.ru]
 * [mailto:pbmserv@gamerz.net pbmserv@gamerz.net]