10

How do I use OpenDKIM with multiple domain names on a single server?

I own 3 domain names, and I have a single server that's running postfix for sending email. How do I use OpenDKIM?

Can I use the same keyfile for all 3 domain names? Do I have to create a TXT record for each domain name?

2 Answers2

10

You'll need to set up a KeyTable with a separate line for each selector/domain/keyfile. It would look like this:

default._domainkey.example1.com example1.com:default:/etc/mail/dkim/keys/example1.com/default
default._domainkey.example2.com example2.com:default:/etc/mail/dkim/keys/example2.com/default
default._domainkey.example3.com example3.com:default:/etc/mail/dkim/keys/example3.com/default

then a SigningTable to determine who can sign on each domain:

*@example1.com default._domainkey.example1.com
*@example2.com default._domainkey.example2.com
*@example3.com default._domainkey.example3.com

Here's an easy How-To for setting it up:

http://stevejenkins.com/blog/2010/09/how-to-get-dkim-domainkeys-identified-mail-working-on-centos-5-5-and-postfix-using-opendkim/

SteveJ
  • 492
1

The question is a bit dated, but the following configuration works for me.
The selector is usually default, but can be anything as long as you don't have multiple keys with the same selector.

SELECTOR=default
DOMAIN=domain.tld
# Add a rule for the new domain to the signing table (location of the signing table should be configured in opendkim.conf)
echo -e "*@${DOMAIN} ${SELECTOR}._domainkey.${DOMAIN}" | sudo tee -a /etc/opendkim/SigningTable
# Add the path to the key to the key table (again, defined in opendkim.conf)
echo -e "${SELECTOR}._domainkey.${DOMAIN} ${DOMAIN}:${SELECTOR}:/etc/opendkim/keys/${DOMAIN}/${SELECTOR}.private" | sudo tee -a /etc/opendkim/KeyTable
# Add the domain to the trusted hosts (I think this is not necessary if you send from localhost)
echo -e "${DOMAIN}" | sudo tee -a /etc/opendkim/TrustedHosts
# Create a directory for the domain's key
sudo mkdir -p /etc/opendkim/keys/${DOMAIN}
# Create the key
sudo opendkim-genkey -b 1024 -d ${DOMAIN} -D /etc/opendkim/keys/${DOMAIN} -s ${SELECTOR} -v
# Set the right ownership for the newly generated key
sudo chown opendkim: /etc/opendkim/keys -R
# This is the public key and must be added to your dns record
sudo cat /etc/opendkim/keys/${DOMAIN}/${SELECTOR}.txt

This was my source: https://easydmarc.com/blog/how-to-configure-dkim-opendkim-with-postfix/

Christopher
  • 13
  • 2