Setting up openDKIM with Postfix (+ Troubleshooting)

Introduction

DomainKeys Identified Mail, abbreviated as DKIM. It is a protocol which ensures that, the emails received are from right and authentic senders, and are not forged. DKIM uses public key cryptography [wiki link]. Most of the times when you deal with a mail server, emails are unfortunately going into spam, because your DNS does not have a DomainKey record, which authenticates the emails coming from your domain.

Requirements

  1. I assume you are familiar with Debian based distrubution.
  2. You are having postfix mail server, this guide deals with postfix only.
  3. You have knowledge of basic linux commands

Installation

You can simply issue issue the following command to install openDKIM.

sudo aptitude install opendkim opendkim-tools dkim-filter

Configuration

Two configuration files of DKIM.

/etc/opendkim.conf
/etc/default/opendkim 
/etc/default/dkim-filter

Firstly edit, /etc/opendkim.conf , Make sure your file do have these. Just edit “Domain” and “Selector”.


Domain                  vigasdeep.com #Use your domain here
KeyFile                 /etc/mail/dkim.key # We will generate this key later on
Selector                mail #this can be anything

# DomainKey is combined with "Selector" and "Domain", including an extra string "_domainkey"
# For Example mail._domainkey.vigasdeep.com

# Common settings. See dkim-filter.conf(5) for more information.
AutoRestart             yes
Background              yes
Canonicalization        relaxed/relaxed
DNSTimeout              5
Mode                    sv
SignatureAlgorithm      rsa-sha256
SubDomains              no
X-Header                no

After that, edit /etc/default/dkim-filter and make sure it have following

DAEMON_OPTS="-l -o DKIM-Signature,X-DKIM"
DAEMON_OPTS="$DAEMON_OPTS -d vigasdeep.com -k /etc/mail/dkim.key -s mail"
SOCKET="inet:8891@localhost"

Now we’ll edit /etc/postfix/main.cf file. Append following text into the file.

# DKIM
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891

Thats all for the Configuration.

Generate Public/Private key for DKIM

This command with generate a public/private key pair. Replace “mail” with your own selector, and “vigasdeep.com” with your domain name.

opendkim-genkey -t -s mail -d vigasdeep.com

After this, place the private key to its right place at /etc/mail/dkim.key

cp mail.private /etc/mail/dkim.key  
# here <strong>mail</strong> refers to the selector

Thats it.

Optionally, you can also create a public/private key pair from http://dkimcore.org/tools/. Change Selector accordingly into /etc/opendkim.conf file.

If you have generated the keys on the web, then create a new file /etc/mail/dkim.key and paste private key into it.

Adding DNS (txt record) for domainkey

Adding the DNS entry is the most crucial part, please be patient and read carefully. When you created public/private key pair. Use public key for DNS entry. Login to your domain’s control panel, change DNS Settings, and add a TXT record. TXT record will ask you for two things. Host and Data.

Host will be ( change accordingly for your case )

mail._domainkey.vigasdeep.com
## [Selector]._domainkey.[domain.com]

and data would be something like

"v=DKIM1;=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8O7fJSx/nbZfzy75pfMnSO57Y0/xyIQQfrWUFwo2PXIamDSII7KB83u0MBeSrt1TPAnSmcRlKIurEBD8xF1Um8cnM/D2W5BlPqKTiII9CHLNEiCKYJiG1EuB+5Wl47UCHnmRaX3+PrbB/r1AWEmT+8cNbz4FW60mQaEIHBFsgwIDAQAB"

Add the entry, and you’re done. Now we will test it out.

Starting DKIM and Troubleshooting

sudo service opendkim start

If you’re not able to send email, probably there is something wrong with the configuration. Check the mail logs.

grep -i dkim /var/log/mail.log

Check if DKIM is working correctly at http://dkimcore.org/tools/keycheck.html

Facing problems ? Post comment Or Hire me, I’ll be back after my “Double-Tikki” Burger. Hah !

Console booting in Linux

Usually all the linux distributions do start the graphical environment automatically. Its good, but it becomes little pain of linux nerds, they want to use it in there own ways. So this is a simple trick which will enable you to boot in console mode with help of Grub.

You just need to edit the following file.

/etc/default/grub

And the find the following line

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"

and replace it with following.

GRUB_CMDLINE_LINUX_DEFAULT="text"

Save the file and then execute following command in the command window ( Terminal / Console ).

sudo update-grub


Thats is, next time you are going to boot in console mode. But, next thing is how run the graphical console.

Just do this, and it will run you default graphical manager.

startx

If you wish to do some other Graphical desktop then you have to create and .xinitrc file inside your home directory.

Few examples of .xinitrc files :

Example 1 : For cinnamon desktop environment.

#!/bin/sh
#exec gnome-session
exec gnome-session --session=cinnamon

Example 2 : For gnome classic.

#!/bin/sh
#exec gnome-session
exec gnome-session --session=gnome-classic

Enjoy tweaking.

Ubuntu 12.10 – Maximizing Battery Backup

Here is a quick tutorial, to maximize battery backup of your laptop. This is based on ubuntu 12.10, which has many improved feature which you need to tweak to improve the backup.

Tools used are :
1. “Disks” 3.6.1
2. Jupiter Applet
3. PowerTop

Disks, This program comes default with ubuntu 12.10, it has many improved features this time. One important feature is, it also controls HDD Drive speed, which can end up in maximizing performance to battery.

After opening the Drive Settings, It shows power managements options for HDD. You can set power as low as possible to increase the Drive speed.

Next is, Jupiter applet, , after installing, start the jupiter applet and change power settings to Power Saving Mode.

Next and the last is, PowerTOP, install it by typing the terminal.

$ sudo apt-get install powertop

After installing it, give command in the terminal.

$ sudo powertop 

Your application will start running, switch screens with left and right arrow, and get into “Tuneable Tab” and change all setting which are bad.

Thats what made my battery backup approximately 80 minutes more then my normal battery backup, Thanks for reading, I hope you find this post helpful.