DKIM for my domain in 12 steps - YMMV

  1. sudo apt install opendkim opendkim-tools

  2. sudo -u opendkim opendkim-genkey -D /etc/dkimkeys -d roamin-nomen.name -s Jan2026

  3. create a TXT record for your domain using the selector and public key

    Jan2026._domainkey

    TXT

    sudo cat /etc/dkimkeys/Jan2026.txt

    ( paste in from between the first quote to the last quote minus spaces )

    e.g. dig +short Jan2026._domainkey.roamin-nomen.name TXT

  4. sudo vi /etc/opendkim.conf

    Syslog yes

    SyslogSuccess yes

    LogWhy yes

    Canonicalization relaxed/simple

    Mode sv

    SubDomains no

    OversignHeaders From

    Domain roamin-nomen.name

    Selector Jan2026

    KeyFile /etc/dkimkeys/Jan2026.private

    Socket local:/var/spool/postfix/opendkim/opendkim.sock

  5. sudo usermod -G opendkim postfix

  6. sudo opendkim-testkey -d roamin-nomen.name -s Jan2026 -vvv

    Last line should say "opendkim-testkey: key OK"

  7. sudo mkdir /var/spool/postfix/opendkim

  8. cd /etc/postfix; sudo cp main.cf main.cf.before_dkim

  9. sudo vi /etc/postfix/main.cf

    milter_default_action = accept

    milter_protocol = 6

    smtpd_milters = local:opendkim/opendkim.sock

    non_smtpd_milters = $smtpd_milters

  10. sudo chown opendkim:postfix /var/spool/postfix/opendkim

  11. sudo systemctl restart opendkim

  12. sudo systemctl restart postfix

Previous Post