OpenDKIM with Postfix (Centos 7)

First install OpenDKIM:

# yum install opendkim

Configure OpenDKIM (please read the comments inside the original config file):

# vim /etc/opendkim.conf

PidFile /var/run/opendkim/opendkim.pid
Mode    sv
Syslog  yes
SyslogSuccess   yes
LogWhy  yes
UserID  opendkim:opendkim
Socket  inet:8891@localhost
Umask   002
SendReports     yes
SoftwareHeader  yes
Canonicalization        relaxed/simple
Selector        default
MinimumKeyBits  1024
KeyTable        /etc/opendkim/KeyTable
SigningTable    refile:/etc/opendkim/SigningTable
ExternalIgnoreList      refile:/etc/opendkim/TrustedHosts
InternalHosts   refile:/etc/opendkim/TrustedHosts
OversignHeaders From
SignatureAlgorithm      rsa-sha256

Generate a domain key + domain cert:

# cd /etc/opendkim/keys
# opendkim-genkey -d mydomain.com
# mv default.private mydomain.private
# mv default.txt mydomain.txt
# chown opendkim:opendkim mydomain.*

Add the key to the keytable:

# vim /etc/opendkim/KeyTable
>> default._domainkey.mydomain.com mydomain.com:default:/etc/opendkim/keys/mydomain.private

Add the cert to the SignTable

# vim /etc/opendkim/SignTable
>> *@mydomain.com default._domainkey.mydomain.com

Edit postfix config and add OpenDKIM to the milters:

# vim /etc/postfix/main.cf
>> smtpd_milters = inet:localhost:8891
>> non_smtpd_milters = inet:localhost:8891

Start OpenDKIM:

# systemctl start opendkim
# systemctl enable opendkim

Restart postfix:

# systemctl restart postfix

Add DKIM TXT record to DNS (Bind9):

# vim /var/named/mydomain.com
>> default._domainkey.mydomain.com. 3600      TXT        "v=DKIM1; k=rsa; p=<very long string taken from /etc/opendkim/keys/mydomain.txt>"

Restart Bind:

# systemctl restart named

Well, that should be it, wokring DKIM on your mydomain.com!

SSH tunnel

how to open an SSH tunnel through another host:

# ssh -l <user> -L <local_port>:<remote_host>:<remote_port> <host_to_connect>

this can be chained through multiple hosts, e.g.

# ssh -l user1 -L 80:localhost.1234 server1 (type on local machine)
# ssh -l user2 -L 1234:localhost:80 server2 (type on server1)

now server2's port can be reached through http://localhost

Limit per request bandwidth using Apache 2.4

Apache 2.4 has a module called mod_ratelimit. This module gives you the ability to limit the bandwidth of your requests posted to the web server. The usage is quite simple (read the docs):

First load the module (Apache 2.4 on FreeBSD). Uncomment following line in /usr/local/etc/apache24/httpd.conf

LoadModule ratelimit_module libexec/apache24/mod_ratelimit.so

This will load the module during next startup. Now how do i use it? Well, let's say you want the whole server to limit every request to 5MB/s, then use this:

<IfModule mod_ratelimit.c>
    SetOutputFilter RATE_LIMIT
    SetEnv rate-limit 5120
</IfModule>

The same can be applied to only specific directories if you need to:

<IfModule mod_ratelimit.c>
    <Location "/downloads">
        SetOutputFilter RATE_LIMIT
        SetEnv rate-limit 5120
    </Location>
</IfModule>

Last step, as apache needs to load a new module, restart your webserver, not reload:

# service apache24 restart