Domainkeys and DKIM with Postfix

This guide will show you how to configure Postfix to use Domainkeys and DKIM

Domainkeys
Set selector name to "mydk" (without the quotes), Before selecting "[1] 512 bits" for your key see the "Notes" below. Your key will be created now. Copy it now and we will paste it into your Bind file later.

Edit the following file making sure to replace domain.tld with your domain.

The comma separated values following -C determine how to handle incomming messages according to each test. If you don't want to test incoming mail, and only sign outgoing mail, then change all these to accept instead of reject or tempfail. If you accept incoming email its DomainKeys status is still written to the header. The v is for verifying incoming email, you can remove this if you want.

Now edit your bind configuration. The following is two separate lines.

Now edit your postfix configuration. The following is two separate lines.

DKIM
Set selector name to "mydkim" (without the quotes),select "[1] 512 bits" for your key. Your key will be created now. Copy it now and we will paste it into your Bind file later.

Edit the following file. Defaults are fine except for the following.

Now edit your bind configuration.

Now edit your postfix configuration. The following is two separate lines. We just append the DKIM information to the Domainkey information.

Services
Start up all the services...

You may want to configure these services to start at boot

Thats it, you should now have Domainkey and DKIM signed emails.

Testing
You can test your Domainkey/DKIM setup by sending a blank email to check-auth@verifier.port25.com

You will receive an email within about 30 seconds letting you know if your Domainkey/DKIM passes the test.