2013/09/08

DKIM replaced by Opendkim

In my last post about DKIM, the package I used is dkim-milter.  This is now replaced by opendkim.  For opendkim, the socket to use must be defined in “/etc/opendkim/opendkim.conf” and “/etc/mail/sendmail.mc”.

I found two great features in opendkim, namely SigningTable and TrustHosts.  SigningTable defines which users could use the private to sign outgoing email.  I think it should be * which means everyone.  As for TrustHosts, as the name implies, it tells what domains and IP addresses can utilize which key to sign email messages if the SMTP server is serving multiple domains.  For interest sake, I dump a few config lines of the associated files.

/etc/mail/opendkim/singingtable

#*@abc.com default._domainkey.example.com
*@abc.com default._domainkey.abc.com
admin@vm-host.net default._domainkey.vm-host.net

/etc/mail/opendkim/trusthosts
# To use this file, uncomment the #ExternalIgnoreList and/or the #InternalHosts
# option in /etc/opendkim.conf then restart OpenDKIM. Additional hosts
# may be added on separate lines (IP addresses, hostnames, or CIDR ranges).
# The localhost IP (127.0.0.1) should be the first entry in this file.
127.0.0.1
mail.abc.com
vm-host.net
202.81.251.17

No comments: