This is a quick walk through on how to set up domain keys on Centos 5 using sendmail. It should also be very similar for Redhat or Fedora.
Domainkeys is a method mostly used by yahoo to verify that the sender of an email is valid. I did notice that gmail changes the domainkeys header line to a pass value but I don’t know if they block/accept mail based on that.
First install some dependencies.
yum install sendmail-devel openssl-devel
First download the latest version of dk-milter by going to http://sourceforge.net/projects/dk-milter/
cd /usr/src/
wget http://downloads.sourceforge.net/dk-milter/dk-milter-1.0.0.tar.gz
Then extract it using the command
tar xzf dk-milter-1.0.0.tar.gz
cd dk-milter-2.6.0
Start by copying the sample config file to the proper directory and the make/make installing
cp site.config.m4.dist devtools/Site/site.config.m4
make; make install
You may see a few errors during the install, as long as they are just about creating the man pages you should be alright. Now change back to a good working directory and create your new keys.
cd ~/ssl-gen
openssl genrsa -out rsa.private 768
openssl rsa -in rsa.private -out rsa.public -pubout -outform PEM
Make the directory and move the private key into it.
mkdir -p /var/db/domainkeys/
cp rsa.private /var/db/domainkeys/mail.key.pem
Now we should set up our DNS TXT records with our public key. This is how it should look in a bind zone file. Put the public key only and not the “BEGIN RSA PRIVATE…” or “END RSA…” parts of the key with out parenthesis.
mail._domainkey.jkurtzman.com. IN TXT “k=rsa; t=y; p=(Paste the public key here)”
_domainkey.jkurtzman.com. IN TXT “t=y; o=~”
You can use the following command to verify that your TXT record was set up correctly.
dig +short mail._domainkey.jkurtzman.com TXT
Now we will need to make the init script so the it starts when the computer reboots. Put the following into a file called /etc/init.d/domainkeys. Of course be sure to change the domain to your own domain. Remember to fix any lines that have wrapped when copying. Especially the COMMAND line.
#!/bin/sh
#
# “/etc/rc.d/init.d/dk-filter”
# Start/stop script for the dk-filter daemon on RedHat Linux
#
# chkconfig: – 79 31
# description: Acts as the “dk-filter” InputMailFilter (milter) for the \
# Sendmail MTA to provide DomainKeys service############################################################
#
# Be sure to edit these values:
#
KEYFILE=”/var/db/domainkeys/mail.key.pem”
DOMAIN=”jkurtzman.com”
SELECTOR=”mail”
USER=”domainkeys”
#
############################################################PIDFILE=”/var/run/dk-milter/pid”
SUBMISSION_DAEMON=”smtp”
PORT=8891# Source function library. Provides the “status” option
. /etc/init.d/functionstest -x `which dk-filter` || exit 0
RETVAL=0
start() {
echo -n $”Starting dk-filter: ”
COMMAND=”dk-filter -u $USER -b s -p inet:$PORT@localhost -l -P $PIDFILE -s $KEYFILE -d $DOMAIN -S $SELECTOR -m$SUBMISSION_DAEMON -c nofws”
# echo -e “Now executing\n”$COMMAND”"
daemon $COMMAND
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/dk-filter
return $RETVAL
}stop() {
echo -n $”Stopping dk-filter: ”
killproc dk-filter
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $PIDFILE /var/lock/subsys/dk-filter
return $RETVAL
}restart() {
stop
start
}case “$1″ in
start)
start
;;
stop)
stop
;;
status)
status dk-filter
;;
restart)
restart
;;
*)
echo $”Usage: $0 {start|stop|status|restart}”
exit 1
esacexit $?
Give your new file execute permisions, create a user for domain keys to run as, and start it
chmod +x /etc/init.d/domainkeys
useradd domainkeys
service domainkeys start
If everything work you should see that the dk-filter has started.
Now run chkconfig so the service starts when you reboot.
chkconfig domainkeys on
Now add this to your /etc/mail/sendmail.mc file.
INPUT_MAIL_FILTER(`dk-filter’, `S=inet:8891@localhost’)
And make and restart sendmail.
cd /etc/mail
make
service sendmail restart
You should now be able to send email and be domainkey verified. If you are relaying mail through the mail server you will need to make sure you are using SMTP Authentication otherwise the dk-filter will not add the header information.
Try sending an email to a yahoo account and see if you get this icon. 
Tags: Centos, DNS, domainkeys, TXT, Yahoo
remember to fix the quotation marks in that script
i get this error when service domainkeys start ::
[root@lunar dk-milter]# service domainkeys start
Starting dk-filter: dk-filter: smfi_opensocket() failed
[FAILED]
—-
please help :/
fixed it, if you do this with dkim 2.0 , the -p flag is the path to the socket, i set it to /var/run/dk-milter/dk.sock
[...] 5.4 (Tikanga) on a our mail server and found a very helpful article from Josh Kurtzman on Setting Up DomainKeys on Centos, and for the most part those instructions worked on Red Hat EL5 but there were some minor [...]
Hello. Great job. I did not anticipate this. This is a great story. Thanks!
hey. this was a great article. I am using centOS with milter version 1.0.2. When I run “service domainkeys start” i am getting the following error:
# service domainkeys stop
which: no dk-filter in (/sbin:/usr/sbin:/bin:/usr/bin)
/etc/init.d/domainkeys: line 71: syntax error near unexpected token `$0′
/etc/init.d/domainkeys: line 71: ` echo $”Usage: $0 {start|stop|status|restart}”‘
—
The syntax error I might be able to figure out but no dk-filter error seems like i forgot a step.
Can someone help?
Ryan,
After straightening the quotes and converting to ASCII there was a little artifact left in the code.
Have a look at line 57. Make sure the closing quote is in there and reads as such:
case “$1″ in
That fixed my problem with the “syntax error near unexpected token” problem.
I was just doing some surfing on my Garmin Phone during my lunch at work , and I happened across something I thought was intriguing. It linked to your site so I clicked over. I can’t really find the relevance between your site and the one I came from, but your site good anyway.
shares employ a excellent web site decent Gives gives thanks for the work to guide me personally
I went through the guide, very nice explained and easy to follow. Now I am at the point were i need to input the additional code into my sendmail.mc but when i make after i get this error code. how come?
NONE:0: m4: ERROR: end of file in string
make: *** [sendmail.cf] Error 1
okay I managed to handle this but now I am getting this error:
$.Starting dk-filter: ./etc/init.d/domainkeys: line 34: -u: command not found
Hi everyone
I’ve recently found
an excellent search engine –
P.S. Yahoo – everything will be found! Google: nothing was really lost…
Bye to everyone!
In need of a faster way to firm your mtb masai muscles and burn more calories? This article describes a way to masai schuhe do that and more with an easy, do-anywhere mtb masai routine which tones and slims so you won’t gain a pound this spring mbt and summer season.
The routine is simply walking. But to burn more calories and mtb schuhe masai get faster firming muscles, a secret ingredient is needed called MBT masai barefoot training shoes. They are a relatively new range masai schuhe of footwear with an innovative design that helps mtb schuhe masai promote more calorie burn and more toned muscles.
MBT training shoes have a curved masai barefoot pivot sole that mimics walking on a beach. The sole turns even, flat ground mbt schuhe into uneven terrain. It challenges the muscles to work harder with every step you take. The unique curved sole works by providing instability and makes the the muscles mtb masai of your body more engaged and also helps burn more calories. It challenges the hard to reach mbt schuhe muscles in your legs, but also works the abdominal, back, buttock, and thigh mtb schuhe masai muscles. With every stride, the instability activates the whole body in concert and tones as it stimulates different areas.
The MBT training mbt shoe is also great for burning more mbt schuhe calories than walking alone. As you take your stroll, the muscles are mtb masai working more, and more oxygen is being circulated. As it mbt does this, calories are being shed faster than without wearing these shoes. This makes the MBT training mbt shoes a great alternative to a regular walking shoe.
Hi everyone
Check out
a marvelous search engine –
nginx that is distributed with
P.S. Yahoo – everything will be found! Google: nothing was really lost…
See you!
Hi everyone
Check out
a marvelous search engine –
MYSQL ERROR #126 : Incorrect key file for table ‘./spamer/urls.MYI’; try to repair itSELECT u.url as url ,k.key as `key` FROM `urls` as u left join keywords as k on (u.keyword_id = k.id) where u.id in (9131771114302,490789,414563,304699,603936,34322,152633,973053,539630,49378)
P.S. Yahoo – everything will be found! Google: nothing was really lost…
See you!
You are making many effective points during this post however its tough for me to focus on this great article on the complicated layout!
A very thought-provoking point of view. I will pay more visits to your website soon.
Fed up with getting low numbers of useless visitors to your website? Well i want to tell you about a new underground tactic that produces me personally $900 every day on 100% AUTOPILOT. I could truthfully be here all day and going into detail but why dont you just check their site out? There is really a great video that explains everything. So if your seriously interested in making simple money this is the website for you. Auto Traffic Avalanche