19
edits
Changes
Jump to navigation
Jump to search
Line 896:
Line 896: − + − + Line 904:
Line 904: − + − + + +
no edit summary
chmod 0700 dkim.private
chmod 0700 dkim.private
For each domain you want to sign:
For each domain you want to sign:
cp -a dkim.private domainename.ext.private
cp -a dkim.private <fully qualified domain name>.private (less the <> brackets)
Then create a fragment:
Then create a template fragment:
mkdir --parent /etc/e-smith/templates-custom/var/service/qpsmtpd/config/peers/local
mkdir --parent /etc/e-smith/templates-custom/var/service/qpsmtpd/config/peers/local
echo "dkim_sign keys dkim">/etc/e-smith/templates-custom/var/service/qpsmtpd/config/peers/local/69dkim_sign
echo "dkim_sign keys dkim">/etc/e-smith/templates-custom/var/service/qpsmtpd/config/peers/local/69dkim_sign
Finally propagate your public key "dkim.public" content (<key text>) to your DNS.
Finally propagate your public key "dkim.public" content (<key text>) to your DNS.
Check with your DNS server / registrar. Something similar to the following should work but it varies depending on provider - replace "domain.ext" with your doman details e.g "mydomain.org" :
Check with your DNS server / registrar. Something similar to the following should work but it varies depending on provider - replace <fully qualified domain name> with your doman details e.g "mydomain.org" (less the <> brackets):
default._domainkey.domain.ext IN TXT "k=rsa; p=<key text>; t=y"
When extracting the key text from the dkim.public file it's on multiple lines. For the key to work for us in the DNS TXT record we need to exclude the header & footer lines & have just the key text as a single line string (the setup_dkim.sh script provides this info in the format required).
default._domainkey.<fully qualified domain name> IN TXT "k=rsa; p=<key text>; t=y"