Difference between revisions of "Generating DKIM Key"

From Luna Node
Jump to: navigation, search
 
(One intermediate revision by one user not shown)
Line 5: Line 5:
 
Now, generate the keypair (replace example.com with your domain name):
 
Now, generate the keypair (replace example.com with your domain name):
  
  <nowiki>opendkim-genkey -t -s mail -d example.com</nowiki>
+
  <nowiki>opendkim-genkey -s mail -d example.com</nowiki>
  
Here, "-s mail" indicates that we are using "mail" for the selector name, and "-t" indicates we will run DKIM in [http://www.dkim.org/specs/rfc4871-dkimbase.html#key-text test mode]; most DKIM users opt for test mode, but you can remove the "-t" flag if desired, in this case mail servers verifying DKIM will reject mail that isn't signed.
+
Here, "-s mail" indicates that we are using "mail" for the selector name. The command will generate a public key in mail.txt and private key in mail.private.
  
The command will generate a public key in mail.txt and private key in mail.private.
+
Create a DNS TXT record at "mail._domainkey.example.com." based on the mail.txt file:
 
+
Create a DNS TXT record at "mail._domainkey.example.com." based on the public key:
+
  
 
  <nowiki>mail._domainkey.example.com. IN TXT "k=rsa; p=PpYHdE2tevfEpvL1Tk2dDYv0pF28/f 5MxU83x/0bsn4R4p7waPaz1IbOGs/6bm5QIDAQAB"</nowiki>
 
  <nowiki>mail._domainkey.example.com. IN TXT "k=rsa; p=PpYHdE2tevfEpvL1Tk2dDYv0pF28/f 5MxU83x/0bsn4R4p7waPaz1IbOGs/6bm5QIDAQAB"</nowiki>
  
 
Finally, copy the mail.private contents to the private key text area.
 
Finally, copy the mail.private contents to the private key text area.

Latest revision as of 17:36, 14 July 2015

First, install the package containing opendkim-genkey. On Debian/Ubuntu:

apt-get install opendkim-tools

Now, generate the keypair (replace example.com with your domain name):

opendkim-genkey -s mail -d example.com

Here, "-s mail" indicates that we are using "mail" for the selector name. The command will generate a public key in mail.txt and private key in mail.private.

Create a DNS TXT record at "mail._domainkey.example.com." based on the mail.txt file:

mail._domainkey.example.com. IN TXT "k=rsa; p=PpYHdE2tevfEpvL1Tk2dDYv0pF28/f 5MxU83x/0bsn4R4p7waPaz1IbOGs/6bm5QIDAQAB"

Finally, copy the mail.private contents to the private key text area.