On 2015-09-02 10:29, Martin Skjöldebrand wrote:
Quoting Steve Jenkins <st...@stevejenkins.com>:
On Wed, Aug 19, 2015 at 10:07 AM, Martin Skjöldebrand
<mar...@skjoldebrand.eu> wrote:
Following the tutorial here:
http://arstechnica.com/business/2014/03/taking-e-mail-back-part-3-fortifying-your-box-against-spammers/
[1]
What would a DKIM DNS record look like for my server
mail.skjoldebrand.eu [2]?
Hi, Martin. This tutorial is WAY better. Of course, I'm a bit
biased. :)
http://www.stevejenkins.com/blog/2011/08/installing-opendkim-rpm-via-yum-with-postfix-or-sendmail-for-rhel-centos-fedora/
[3]
SJ
After some problems with the hosting I've now gotten this to work
using your tutorial.
Maybe I'm missing it but the the following setting was required for
my server to send mail.
_RequireSafeKeys false_
It's not clear from http://www.opendkim.org/opendkim.conf.5.html if
there is any implications of setting this (I've seen it recommended in
other replies when Googling)?
From the manpage:
RequireSafeKeys (boolean)
When reading a key file, a message will be logged if the key file has
the read or write bit set other than for the owner or for a group that
the executing process is in. With this feature set to "true", the filter
will further consider this an error and refuse to make use of the file’s
contents. The default is "true".
Your key files are not owned by the user you run opendkim as.
You should _chown_ the key files to the user you run opendkim as. The
user (and group) should be set in opendkim.conf as UserID.
/Martin S
regards
- c
