In my last post about DKIM, the package I
used is dkim-milter. This is now
replaced by opendkim. For opendkim,
the socket to use must be defined in “/etc/opendkim/opendkim.conf” and “/etc/mail/sendmail.mc”.
I found two great features in opendkim,
namely SigningTable and TrustHosts.
SigningTable defines which users could use the private to sign outgoing
email. I think it should be * which
means everyone. As for TrustHosts, as
the name implies, it tells what domains and IP addresses can utilize which key
to sign email messages if the SMTP server is serving multiple domains. For interest sake, I dump a few config lines
of the associated files.
/etc/mail/opendkim/singingtable
#*@abc.com default._domainkey.example.com
*@abc.com default._domainkey.abc.com
admin@vm-host.net
default._domainkey.vm-host.net
/etc/mail/opendkim/trusthosts
# To use this file, uncomment the #ExternalIgnoreList
and/or the #InternalHosts
# option in /etc/opendkim.conf then restart
OpenDKIM. Additional hosts
# may be added on separate lines (IP
addresses, hostnames, or CIDR ranges).
# The localhost IP (127.0.0.1) should be
the first entry in this file.
127.0.0.1
mail.abc.com
vm-host.net
202.81.251.17
No comments:
Post a Comment