DKIM keys configuration
To create proper DKIM it is recommended to separate them by the domain's folder. This provides better readability and management.
mkdir /etc/opendkim/keys/domain.com
/usr/sbin/opendkim-genkey -D /etc/opendkim/keys/domain.com/ -d domain.com -s default
chown -R root:opendkim /etc/opendkim/keys/domain.com
chmod 640 /etc/opendkim/keys/domain.com/default.private
chmod 644 /etc/opendkim/keys/domain.com/default.txtOnce the keys are created, navigate to /etc/opendkim.conf file (sample file is attached).
Ensure the following configuration settings are enabled
KeyTable /etc/opendkim/KeyTable option
SigningTable refile:/etc/opendkim/SigningTableUpdate /etc/opendkim/SigningTable file to incorporate new domain
*@scheduleinterpreter.com mx1._domainkey.scheduleinterpreter.com
*@domain.com default._domainkey.domain.comUpdate /etc/opendkim/KeyTable file to include new domain key
mx1._domainkey.scheduleinterpreter.com scheduleinterpreter.com:mx1:/etc/opendkim/keys/scheduleinterpreter.com/mx1.private
rock._domainkey.scheduleinterpreter.com scheduleinterpreter.com:rock:/etc/opendkim/keys/scheduleinterpreter.com/rock.private
default._domainkey.domain.com domain.com:default:/etc/opendkim/keys/domain.com/default.private
Restart open DKIM systemctl restart opendkim
Check the status systemctl status opendkim
[root@rock ~]# systemctl status opendkim
? opendkim.service - DomainKeys Identified Mail (DKIM) Milter
Loaded: loaded (/usr/lib/systemd/system/opendkim.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2022-08-18 14:25:08 CDT; 4min 6s ago
Docs: man:opendkim(8)
man:opendkim.conf(5)
man:opendkim-genkey(8)
man:opendkim-genzone(8)
man:opendkim-testadsp(8)
man:opendkim-testkey
http://www.opendkim.org/docs.html
Process: 6703 ExecStart=/usr/sbin/opendkim $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 6705 (opendkim)
Tasks: 3
CGroup: /system.slice/opendkim.service
??6705 /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid
Aug 18 14:28:28 rock.scheduleinterpreter.com opendkim[6705]: 27IJSRT6024527: no signing table match for 'michelle.mendez1494@gmail.com'
Aug 18 14:28:36 rock.scheduleinterpreter.com opendkim[6705]: 27IJSamv028271: DKIM-Signature field added (s=rock, d=scheduleinterpreter.com)
Aug 18 14:28:52 rock.scheduleinterpreter.com opendkim[6705]: 27IJSqNx002478: DKIM-Signature field added (s=rock, d=scheduleinterpreter.com)
Aug 18 14:28:52 rock.scheduleinterpreter.com opendkim[6705]: 27IJSqgl002574: DKIM-Signature field added (s=rock, d=scheduleinterpreter.com)
Aug 18 14:28:56 rock.scheduleinterpreter.com opendkim[6705]: 27IJSuf0003590: DKIM-Signature field added (s=rock, d=scheduleinterpreter.com)
Aug 18 14:29:02 rock.scheduleinterpreter.com opendkim[6705]: 27IJT2k0005174: DKIM-Signature field added (s=rock, d=scheduleinterpreter.com)
Aug 18 14:29:03 rock.scheduleinterpreter.com opendkim[6705]: 27IJT3rD005759: DKIM-Signature field added (s=rock, d=scheduleinterpreter.com)
Aug 18 14:29:04 rock.scheduleinterpreter.com opendkim[6705]: 27IJT4ii006226: DKIM-Signature field added (s=mx1, d=scheduleinterpreter.com)
Aug 18 14:29:11 rock.scheduleinterpreter.com opendkim[6705]: 27IJTBw5009147: DKIM-Signature field added (s=default, d=jefferson.edu)
Aug 18 14:29:11 rock.scheduleinterpreter.com opendkim[6705]: 27IJTBQg009242: DKIM-Signature field added (s=default, d=jefferson.edu)
Restart sendmail systemctl restart sendmail
Testing can be completed at thi site https://www.appmaildev.com/en/dkim