Configure DomainKeys (OpenDKIM) with Postfix on CentOS 7

22 Responses

  1. anibal says:

    What does “hash -r” do? and how can it be installed?
    thank you

  2. fusionstream says:

    How do you make a keygen for another domain besides whatever is returned by hostname?

    Also, how do you do this for multiple domains?

  3. Aizat says:

    After entering ‘cat /etc/opendkim/keys/default.txt’ I got a ‘DKIM key default for com’ and not my domain name at the end of the message.

    At the start when I ran the command ‘opendkim-default-keygen’, I got a message ‘Default DKIM keys for com created in /etc/opendkim/keys.’ instead of one with my domain name. There isn’t any step defined in your tutorial to change this.

  4. Ric says:

    To me, step 3 is incomplete as no domain is being specified here.
    Maybe the use of these would be relevant (where is your domain name):
    mkdir /etc/opendkim/keys/
    opendkim-genkey -D /etc/opendkim/keys/ -d -s default
    chown -R opendkim: /etc/opendkim/keys/
    mv /etc/opendkim/keys/ /etc/opendkim/keys/

  5. Garry says:

    Hi, I got a problem to start openDKIM. It comes out error for “Starting OpenDKIM Milter: opendkim: /etc/opendkim.conf: refile:/etc/opendkim/TrustedHosts: dkimf_db_open(): Permission denied

    I try to change permission for 664. It seem not work. Do you have any idea and suggestion for solve this problem?

  6. Maxime says:

    Thanks ! Followed your instructions and it worked straight out of the box.

  7. Rodney Recor says:

    I am baffled.
    I cannot get past your Step 2: “yum install -y opendkim”

    I get an error message:
    “No package opendkim available”

    Do you know why this is happening?

  8. mssadewa says:

    Hi Thank you,
    Clearly, simple, and works great!

  9. ramy says:

    I have problem not authenticated but DKIM verification successful and no signing table match for but DKIM verification successful how to fix this problem?

  10. greygeek says:

    Our web server has a Thawte EV SSL certificate. Should I link to those keys or generate our own opendkim keys? How do I include the IntermediateCA.crt?

  11. Chavdar says:

    Hi Pradeep,

    You have a small error – you have not removed the # from line 5 of the highlighted lines on step 4. This is for the “opendkim.conf”

    Regards 😉

  12. PW says:

    Hello, I have multiple domains. I assume I should do it for every domain, right?

  13. santosh says:

    how to fix below issue
    opendkim[18290]: 018E91A0061EF: can’t determine message sender; accepting

  14. Hollister says:

    You can add epel respository just with
    yum -y install epel-release
    yum repolist

  15. shiv says:

    how send email without any relayhost

    #relayhost = []:587
    smtp_tls_security_level = encrypt
    header_size_limit = 4096000
    smtp_use_tls = yes
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
    smtp_sasl_security_options = noanonymous
    smtp_sasl_tls_security_options = noanonymous

    smtpd_milters = inet:
    non_smtpd_milters = $smtpd_milters
    milter_default_action = accept

    error when do that realy access denied

  16. Danny Vacchio says:

    The mail gets sent but it is not signed . The logs don’t show anything about dkim either. Dkim is running so i’m not sure why there are no errors displayed

  17. dan says:

    Ok I found the problem why it wasn’t signing, but now when checking the header in e-mail it says invalid format dkim-neutral

  18. dan says:

    I’m out of ideas. Any help would help. what is the selector i add to my dns.. for instance.. when i do a test both show vaild records so i’m not sure why i keep getting dkim=neutral (bad format) [email protected] header.s=default header.b=lQ1YkIEB;




Leave a Reply

Your email address will not be published. Required fields are marked *