Description
Update the guide based on comments in DisQus:
Oh I managed to find out the problem with the second debian server, ownership and permissions on the sock file
chown -R opendkim:opendkim /var/spool/postfix/opendkim
chmod -R 755 /var/spool/postfix/opendkim
postfix/smtpd[1712]: warning: connect to Milter service local:opendkim/opendkim.sock: Permission denied
I think we need:
chown -R opendkim:postfix /var/spool/postfix/opendkim
after opendkim.sock creted.
For those who have their own DNS server:
after create and move opendkim key I have troble with inserting
YYYYMM._domainkey in ZONE record file.
The solution is to copy the whole context of example.txt file in DNS domain record file, append example.com after _domainkey, remove "rsa-" after h= ant that its all.
I use bind 9.10.3, opendkim 2.11
nano /var/lib/bind/example.com.zone
$ORIGIN .
$TTL 5m ; 5 minutes
example.com IN SOA ns1.example.com. admin.example.com. (
2018122271 ; serial number YYYYMMDDNN
28800 ; Refresh
7200 ; Retry
864000 ; Expire
86400 ; Min TTL
)
NS ns1.example.com.
MX 10 mail.example.com.
TXT "v=spf1 a mx ~all"
A 79.116.23.17
AAAA 2001:40:29:1::1
201903._domainkey.example.com IN TXT ( "v=DKIM1; h=sha256; k=rsa; s=email; "
"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBxgKCAQEA0pQHmeS1yQT1ORlbQdlQ+uQEW5ArBAZ3Xlc3Tt4CsFnObeECygcK7c09ByQjpwWo2CmffNmYYJ26Mx+kXcWxzZBB0g0OchhblkJbPmYyfPbxoaEXONUIe6zUQTvyr3IVScs/5DyxXO5yi6cHWVOLE9sCbFX+6YL5jxS1rOgBgS0XWdtqC99XIp+zexAoFSxmheQvj/CN9pBEO7"
"TaN5ze6pOGtrQ2b1YQ0wH56KBLkc44q0wfwHxZwPiHzWnjJOUWQdveUVuy4VqB+7ganSN9alZu2MN1GE5i8yxWUqjO/w9gqUW75QoACqJAd50asQ53WIlXddFzao7eLW1r27uK8QIDAQAB" ) ; ----- DKIM key 201903 for example.com