DKIM setup with multiple domains
From D3xt3r01.tk
HOW
I'm using Gentoo in this setup. DKIM-milter 2.8.x (I think it should work for any minor version of dkim-milter)
mail-filter/dkim-milter-2.8.3-r1 USE="-diffheaders -ipv6"
Create the private/public keys for each domain
cd /etc/mail/dkim-filter
mkdir keys
mkdir keys/domain1.tld
dkim-genkey -r -s mydkim -d domain1.tld
mv mydkim.private keys/domain1.tld/mydkim
mv mydkim.txt mydkim.domain1.tld.txt
chmod 600 keys/domain1.tld/mydkim
mkdir keys/domain2.tld
dkim-genkey -r -s mydkim -d domain2.tld
mv mydkim.private keys/domain2.tld/mydkim
mv mydkim.txt mydkim.domain2.tld.txt
chmod 600 keys/domain2.tld/mydkim
mkdir keys/domain3.tld
dkim-genkey -r -s mydkim -d domain3.tld
mv mydkim.private keys/domain3.tld/mydkim
mv mydkim.txt mydkim.domain3.tld.txt
chmod 600 keys/domain3.tld/mydkim
chown -R milter:milter keys
You should now have the content of each *.txt file in BIND's zone file for the corresponding domain, along with an _adsp._domainkey.domain.tld record.
The /etc/mail/dkim-filter/dkim-filter.conf should look like this:
ADSPDiscard yes
ADSPNoSuchDomain yes
AllowSHA1Only no
AlwaysAddARHeader no
AuthservIDWithJobId yes
AutoRestart yes
AutoRestartCount 0
AutoRestartRate 10/1h
BodyLengths yes
Canonicalization simple/simple
Domain domain1.tld,domain2.tld,domain3.tld # all domains separated by comma
KeyFile /etc/mail/dkim-filter/mydkim # it'll get ignored anyway
KeyList /etc/mail/dkim-filter/keylist
Mode sv
MTA MSA
On-Default reject
On-BadSignature reject
On-DNSError tempfail
On-InternalError accept
On-NoSignature accept
On-Security discard
QueryCache yes
RemoveOldSignatures yes
Selector mydkim
Socket local:/var/run/dkim-filter/dkim-filter.sock
SubDomains yes
Syslog yes
SyslogFacility mail
SyslogSuccess yes
TemporaryDirectory /var/tmp
UMask 000
UserID milter
X-Header yes
Statistics /var/run/dkim-filter/dkim-filter.stats
One example of /etc/mail/dkim-filter/keylist would be:
*@domain1.tld:domain1.tld:/etc/mail/dkim-filter/keys/domain1.tld/mydkim
*@domain2.tld:domain2.tld:/etc/mail/dkim-filter/keys/domain2.tld/mydkim
*@domain3.tld:domain3.tld:/etc/mail/dkim-filter/keys/domain3.tld/mydkim
It's pretty straightforward.
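An added example, not part of the original page: a shell function that reads a keylist in the pattern:domain:keypath format shown above and checks that every key file it names exists and is accessible only by its owner. This catches a key left under its mydkim.private name or created with loose permissions. The function name check_keylist and its output labels are assumptions made for this example.

```shell
#!/bin/sh
# Audit a dkim-milter KeyList (example code; check_keylist is a hypothetical name).
# Each non-comment line is expected to be:  pattern:domain:keypath

check_keylist() {
    keylist=$1
    problems=0
    [ -r "$keylist" ] || { echo "cannot read $keylist" >&2; return 2; }

    # "|| [ -n ... ]" keeps a final line that has no trailing newline.
    while IFS=: read -r pattern domain keypath || [ -n "$pattern" ]; do
        # Skip blank lines and comments.
        case $pattern in ''|'#'*) continue ;; esac

        if [ -z "$domain" ] || [ -z "$keypath" ]; then
            echo "MALFORMED: $pattern"
            problems=$((problems + 1))
            continue
        fi
        if [ ! -f "$keypath" ]; then
            # Typical cause: the key is still named <selector>.private
            echo "MISSING:   $domain -> $keypath"
            problems=$((problems + 1))
            continue
        fi
        # The first 10 characters of "ls -l" output are file type and mode bits.
        mode=$(ls -ld "$keypath" | cut -c1-10)
        case $mode in
            -??-------) echo "OK:        $domain -> $keypath" ;;
            *)  echo "LOOSE:     $domain -> $keypath ($mode)"
                problems=$((problems + 1)) ;;
        esac
    done < "$keylist"

    # Succeed only when every entry passed.
    [ "$problems" -eq 0 ]
}

# When run as a script:  sh check_keylist.sh /etc/mail/dkim-filter/keylist
[ "$#" -eq 0 ] || check_keylist "$1"
```

Ownership is not checked here; the chown -R milter:milter step above still has to be applied so the filter can read the keys.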