# OpenDKIM + SPF



## xy16644 (Oct 23, 2011)

I currently run Postfix, SpamAssassin and ClamAV on my FreeBSD server. I would now like to install and configure OpenDKIM and SPF for Postfix. Can someone please point me in the right direction to do this (like a how to guide maybe)? I did have a look around on the internet but the guides I found were aimed at Linux users.

I have installed the OpenDKIM port so far.

Thanks you! :e


----------



## Abriel (Oct 23, 2011)

For SPF:
1. Install 

```
/usr/ports/mail/postfix-policyd-spf-perl
```
2. Add to /usr/local/etc/postfix/master.cf

```
spf-policy   unix  -       n       n       -       0       spawn
  user=nobody argv=/usr/local/sbin/postfix-policyd-spf-perl
```
3. Add to /usr/local/etc/postfix/main.cf

```
........
spf-policy_time_limit = 3600
.........
smtpd_recipient_restrictions =
                                    .......,
                                    check_policy_service unix:private/spf-policy,
                                    permit
```
4. Add to your DNS server config file

```
your.domian.     IN      TXT     "v=spf1 ip4:yourserverip -all"
```

For dkim i am using 

```
/usr/ports/mail/dkim-milter
```


----------



## DutchDaemon (Oct 24, 2011)

You will find that dkim-milter is about to expire; it will be removed from the ports tree shortly. OpenDKIM is its successor. Unfortunately, its configuration syntax and key management is quite different, though the general configuration file is almost identical, so invest some time when switching over.


----------



## ipsure (Mar 3, 2012)

Here is step-by-step howto guide for FreeBSD users; 
http://www.ipsure.com/blog/2012/dkim-milter-is-no-longer-available-how-to-use-opendkim-instead/ 
We hope future visitors of this thread shall at least benefit from it.


----------



## Mayhem30 (Mar 10, 2012)

Thank you ipsure, much appreciated!


----------



## Mayhem30 (Mar 11, 2012)

How to set up multiple domain names on a single server using OpenDKIM.


Step 1: Create these files

```
/var/db/opendkim/keytable
/var/db/opendkim/signingtable
```



Step 2: Open your opendkim.conf file and add (or modify) these lines

```
KeyTable                refile:/var/db/opendkim/keytable
SigningTable            refile:/var/db/opendkim/signingtable
```



Step 3: Open your keytable file and add


```
default._domainkey.example.com example.com:default:/var/db/dkim/keys/example.com/default
default._domainkey.example2.com example2.com:default:/var/db/dkim/keys/example2.com/default
default._domainkey.example3.com example3.com:default:/var/db/dkim/keys/example3.com/default
```

The KeyTable file tells OpenDKIM where to find your keys. Each entry in the KeyTable file is a single line for each key location.



Step 4: Open your signingtable file and add


```
*@example.com default._domainkey.example.com
```

The SigningTable file tells OpenDKIM how to use your keys, as in which senders should use which selectors for their signatures. In the above example, I'm saying that everyone (*) sending mail from the server "example.com" should use the selector named "default." It's important to note that the * wildcard symbol will only work if the SigningTable option uses the refile: prefix before the filename.



Step 5: Restart OpenDKIM


```
/usr/local/etc/rc.d/milter-opendkim restart
```


Source : http://stevejenkins.com/blog/2010/0...ing-on-centos-5-5-and-postfix-using-opendkim/


----------



## cachorroyayo (Mar 16, 2012)

Hello Forum,

I've found several posts and blogs trying and teaching how to configure it with postfix/amavisd/dkim in the same box. But if I have 3 diferent servers:

Server 1: Postfix
Server 2: MySQL with user's database
Server 3: Amavisd/SpamAssassnin/Clamav


My stage is the following:

1) My email is sent from Server1 to Server2 with 


```
content_filter=smtp-amavis:[Server2]:10024
```
Server2 resends to Server1 


```
$notify_method  = 'smtp:[server1]:10025';
$forward_method = 'smtp:[server1]:10025';  # set to undef with milter!
```
Should I have to open one more pipe in each server? How can I accomplish this process? 

I hope you can help me to get the correct idea.

Thank you very much.


----------



## ArashTheKID (Jul 28, 2015)

cachorroyayo said:


> Hello Forum,
> 
> I've found several posts and blogs trying and teaching how to configure it with postfix/amavisd/dkim in the same box. But if I have 3 diferent servers:
> 
> ...


Hi there, 'have uyou found the solution yet? I've recently stumbled upon this problem, since my mails been marked as spam all over...

Cheers,
A.


----------



## ArashTheKID (Jul 28, 2015)

ArashTheKID said:


> Hi there, 've u found the solution yet? I've recently stumbled upon this problem, since my mails been marked as spam all over...
> 
> Cheers,
> A.


Never mind, just set the permissions right, here is some more info:
http://www.prado.it/2012/04/26/how-to-run-postfix-with-opendkim-on-freebsd-9-0/
Cheers,
A.


----------

