Service/smtp: Difference between revisions
Use mask instead of int value |
No edit summary |
||
| Line 52: | Line 52: | ||
To test DKIM, send an email to autorespond+dkim@dk.elandsys.com | To test DKIM, send an email to autorespond+dkim@dk.elandsys.com | ||
To generate an ed25519 key to use for DKIM, you can use openssl | |||
# Generate ed25519 key | |||
$ openssl genpkey -algorithm ed25519 -out dkim_private.pem | |||
# Generate public key from private key | |||
$ openssl pkey -in dkim_private.pem -pubout -out dkim_public.pem | |||
For ed25519 keys, the p value in the DKIM record must only contain the BASE64 encoded public key, without an ASN.1 structure | |||
$ openssl asn1parse -in dkim_public.pem -offset 12 -noout -out /dev/stdout | openssl base64 | |||
VGhpcyBpcyBqc3V0ZSBhc29ka2ZvYXNrZWpkZmtsc2pkZgo= | |||
Your entry would look like this | |||
default._domainkey.hostname TXT "v=DKIM1; g=*; k=ed25519; p=VGhpcyBpcyBqc3V0ZSBhc29ka2ZvYXNrZWpkZmtsc2pkZgo=" | |||
_adsp._domainkey.hostname TXT "dkim=unknown" | |||
Ensure your private key is on hostname and specify the path to it when using a tool like opendkim - /etc/opendkim.conf -, with | |||
the user and group of the key being opendkim. | |||
== See also == | == See also == | ||