How to configure DKIM for your Domain with Postfix

First install opendkim:

apt-get update
apt-get install opendkim opendkim-tools


Append the following content to /etc/opendkim.conf:

AutoRestart             Yes
AutoRestartRate         10/1h
UMask                   002
Syslog                  yes
SyslogSuccess           Yes
LogWhy                  Yes
Canonicalization        relaxed/simple
ExternalIgnoreList      refile:/etc/opendkim/TrustedHosts
InternalHosts           refile:/etc/opendkim/TrustedHosts
KeyTable                refile:/etc/opendkim/KeyTable
SigningTable            refile:/etc/opendkim/SigningTable
Mode                    sv
PidFile                 /var/run/opendkim/
SignatureAlgorithm      rsa-sha256
UserID                  opendkim:opendkim
Socket                  inet:12301@localhost


Add the following line to /etc/default/opendkim:



Add these lines to /etc/postfix/

milter_protocol = 2
milter_default_action = accept
smtpd_milters = inet:localhost:12301
non_smtpd_milters = inet:localhost:12301

Create the needed folders:

mkdir -p /etc/opendkim/keys/
In this tutorial we'll configure DKIM for a domain, change it accordingly!


Add these lines to /etc/opendkim/TrustedHosts (you may also use CIDR notation):


Add this line to  /etc/opendkim/KeyTable:


And add this line to /etc/opendkim/SigningTable:



Create keys:

cd /etc/opendkim/keys/
opendkim-genkey -s mail -d
chown opendkim:opendkim mail.private

With the contents of the so generated file /etc/opendkim/keys/ you can now create a TXT DNS entry for your domain.
Value: v=DKIM1; k=rsa; p=……..


Now restart postfix and opendkim:

service postfix restart
service opendkim restart

That's it!
You can test the result for example by sending an e-mail to – you'll receive a response e-mail with the results.