2. Extract the public key for publishing as DNS txt records
3. Edit keylists to tell which public keys be included and for what domain
4. Edit sendmail.mc to add:
5. Recompile sendmail.mc to sendmail.cf by m4
6. Start up dkim-milter
7. Restart sendmail
The benefits are two fold. My emails can be verified by other DKIM-enabled SMTP servers for source authentication and the signature can guarantee no tamper is made in the end-to-end delivery process. On my server, the same can be done.
The public key can be found by:
#dig -t txt sept2013._domainkey.i3way,net
;; ANSWER SECTION:
sept2013._domainkey.i3way.net. 3600 IN TXT "v=DKIM1\; g=*\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDq8KAvkv66AOeWd3UnpR74kDcIS4dkL8xR8wzzHUTvrrJR9l3B+X5wTZkHctfhjKHBmZg+W7MZW1b5O4SHI/n3FbqJ+6MK5jxHyx02Q6HSTtaYXjzalE3K0zgy4DRN7n/iYvRgS99OJw6LrKDcnzfRuO554G68aRgd32yflw+DQIDAQAB"
Forget to mention that the RSA key pair has no expiry. I can use for signing emails forever.