First install OpenDKIM:
# yum install opendkim
Configure OpenDKIM (please read the comments inside the original config file):
# vim /etc/opendkim.conf
PidFile /var/run/opendkim/opendkim.pid
Mode sv
Syslog yes
SyslogSuccess yes
LogWhy yes
UserID opendkim:opendkim
Socket inet:8891@localhost
Umask 002
SendReports yes
SoftwareHeader yes
Canonicalization relaxed/simple
Selector default
MinimumKeyBits 1024
KeyTable /etc/opendkim/KeyTable
SigningTable refile:/etc/opendkim/SigningTable
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
OversignHeaders From
SignatureAlgorithm rsa-sha256
Generate a domain key + domain cert:
# cd /etc/opendkim/keys
# opendkim-genkey -d mydomain.com
# mv default.private mydomain.private
# mv default.txt mydomain.txt
# chown opendkim:opendkim mydomain.*
Add the key to the keytable:
# vim /etc/opendkim/KeyTable
>> default._domainkey.mydomain.com mydomain.com:default:/etc/opendkim/keys/mydomain.private
Add the cert to the SignTable
# vim /etc/opendkim/SignTable
>> *@mydomain.com default._domainkey.mydomain.com
Edit postfix config and add OpenDKIM to the milters:
# vim /etc/postfix/main.cf
>> smtpd_milters = inet:localhost:8891
>> non_smtpd_milters = inet:localhost:8891
Start OpenDKIM:
# systemctl start opendkim
# systemctl enable opendkim
Restart postfix:
# systemctl restart postfix
Add DKIM TXT record to DNS (Bind9):
# vim /var/named/mydomain.com
>> default._domainkey.mydomain.com. 3600 TXT "v=DKIM1; k=rsa; p=<very long string taken from /etc/opendkim/keys/mydomain.txt>"
Restart Bind:
# systemctl restart named
Well, that should be it, wokring DKIM on your mydomain.com!