Как подключить dkim(opendkim)
Вот мои конфиги:
opendkim.conf
Syslog yes
LogWhy yes
Canonicalization relaxed/simple
Mode sv
Domain konataa.ru
KeyFile /etc/opendkim/keys/konataa.ru/default.private
Selector default
Socket inet:8891@localhost
PidFile /var/run/opendkim/opendkim.pid
UserID opendkim
UMask 002
KeyTable /etc/opendkim/KeyTable
SigningTable /etc/opendkim/SigningTable
ExternalIgnoreList /etc/opendkim/TrustedHosts
InternalHosts /etc/opendkim/TrustedHosts
KeyTable
default._domainkey.konataa.ru konataa.ru:/etc/opendkim/keys/konataa.ru/default.private
SigningTable
*@konataa.ru default._domainkey.konataa.ru
TrustedHosts
127.0.0.1
localhost
konataa.ru
Права на эти файлы:
[cfuser@void ~]$ sudo ls -la /etc/opendkim.conf
lrwxrwxrwx 1 root root 27 Apr 24 19:51 /etc/opendkim.conf -> /etc/opendkim/opendkim.conf
[cfuser@void ~]$ sudo ls -la /etc/opendkim/
total 28
drwxr-xr-x 3 root root 4096 Apr 24 21:22 .
drwxr-xr-x 56 root root 4096 Apr 24 21:30 ..
-rw-r--r-- 1 root root 87 Apr 24 22:48 KeyTable
-rw-r--r-- 1 root root 43 Apr 24 22:45 SigningTable
-rw-r--r-- 1 root root 31 Apr 24 21:22 TrustedHosts
drwxr-xr-x 3 opendkim opendkim 4096 Apr 20 15:05 keys
-rw-r--r-- 1 opendkim opendkim 619 Apr 24 22:16 opendkim.conf
[cfuser@void ~]$ sudo ls -la /etc/opendkim/keys
total 16
drwxr-xr-x 3 opendkim opendkim 4096 Apr 20 15:05 .
drwxr-xr-x 3 root root 4096 Apr 24 21:22 ..
-rw------- 1 opendkim opendkim 1704 Mar 30 16:39 default.private
drwx------ 2 opendkim opendkim 4096 Apr 24 22:41 konataa.ru
[cfuser@void ~]$ sudo ls -la /etc/opendkim/keys/konataa.ru
total 16
drwx------ 2 opendkim opendkim 4096 Apr 24 22:41 .
drwxr-xr-x 3 opendkim opendkim 4096 Apr 20 15:05 ..
-rw------- 1 root root 916 Apr 24 22:41 default.private
-rw------- 1 root root 314 Apr 24 22:41 default.txt
[cfuser@void ~]$
DNS запись:
[cfuser@void ~]$ sudo cat /etc/opendkim/keys/konataa.ru/default.txt
default._domainkey IN TXT ( "v=DKIM1; k=rsa; "
"p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDtsJfi78PVp4890/PMXiu2imC7RGr7zqbb8/DpnvRQbtuRhPaLh57UN58AL3lqRRYUghqcwPHwaCsM5HVdUo2XyPW/bzicD+9KFRm+oe4l5cmnhl/QyMwPrbeVFFHdw0j1VuhRRpOLXqftrps/OgFnLhRCLfCR9FvE4yz6mR4rCQIDAQAB" ) ; ----- DKIM key default for konataa.ru
[cfuser@void ~]$ dig +short default._domainkey.konataa.ru TXT
"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/wrOwy/NTTNR48xIf35LyjGIrFbuMiElmJUYD78ZB8SlCxxtQb/J8AVvQBECgJgBEpu0XqC5r9/KfNZxVZyTpqIatUZ+tlBbyBHNGaztZWhRxAJXL/eaTXBaKuwd9wDfMgQXjHT4AFiy3FRfr2D16PIIac/VsiLpvS77a8UK7JQIDAQAB"
[cfuser@void ~]$
Логи при отправке почты:
mail.info: Apr 24 23:03:31 postfix/anvil[29497]: statistics: max connection rate 1/60s for (smtp:195.211.191.90) at Apr 24 23:00:11
mail.info: Apr 24 23:03:31 postfix/anvil[29497]: statistics: max connection count 1 for (smtp:195.211.191.90) at Apr 24 23:00:11
mail.info: Apr 24 23:03:31 postfix/anvil[29497]: statistics: max cache size 1 at Apr 24 23:00:11
mail.info: Apr 24 23:03:34 postfix/smtpd[29762]: connect from unknown[46.187.110.84]
mail.info: Apr 24 23:03:35 postfix/smtpd[29762]: 1F3FF700447: client=unknown[46.187.110.84], sasl_method=LOGIN, [email protected]
mail.info: Apr 24 23:03:35 postfix/cleanup[29766]: 1F3FF700447: message-id=<[email protected]>
mail.info: Apr 24 23:03:35 opendkim[28535]: 1F3FF700447: no signing table match for '[email protected]'
mail.debug: Apr 24 23:03:35 opendkim[28535]: 1F3FF700447: no signature data
mail.info: Apr 24 23:03:35 postfix/qmgr[27580]: 1F3FF700447: from=<[email protected]>, size=2631, nrcpt=1 (queue active)
mail.info: Apr 24 23:03:35 postfix/smtp[29767]: Trusted TLS connection established to gmail-smtp-in.l.google.com[173.194.222.26]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256
mail.info: Apr 24 23:03:36 postfix/smtp[29767]: 1F3FF700447: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[173.194.222.26]:25, delay=1.1, delays=0.12/0.06/0.41/0.51, dsn=2.0.0, status=sent (250 2.0.0 OK 1745525016 2adb3069b0e04-54e7c719764si928793e87.13 - gsmtp)
mail.info: Apr 24 23:03:36 postfix/qmgr[27580]: 1F3FF700447: removed
Исходное сообщение GMail:
Delivered-To: [email protected]
Received: by 2002:a05:7108:7f82:b0:3ef:f214:ac2f with SMTP id ir2csp4561554gdb;
Thu, 24 Apr 2025 13:03:36 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IFON4SvkKfdsZZxYwIbbvP7Gu56eozuv+I63l80eG/77S0dVEnGr16uURrYAT3A18Y9+ZcB
X-Received: by 2002:a05:6512:e8a:b0:545:225d:6463 with SMTP id 2adb3069b0e04-54e7c542ba2mr1361919e87.42.1745525016017;
Thu, 24 Apr 2025 13:03:36 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1745525016; cv=none;
d=google.com; s=arc-20240605;
b=cWgbepEeqc8BuFvxtBFAuodAplm2KFKTxz/tbdkmL4Xl4Ef8g0DsyRlyStgK/CkDJq
qsM5ghMjGmNI7wiYPcTsPzckeYZOCz+Zcisc+3qWxqxCz8ErB9dRtJvFymNMOqxPjdtH
1HBBNP3Eg+srO/sdMQ+UkEm8fxcExkIQ3cd8ndettNa5GmmC3bm2r/F1MPhe0VdUD9nQ
HUstciAM7gtJWhsAyDlXwdTtH0Sq3jFrPswcZBpINy71PaarVIPvQL9KgnQRNW6PPp2y
KUb3dJAeOC7oarU4aIiGnhCH0VlhIDAOMr/LgzRo1sDKQmg/yE7gfipKOEgal9xB7NbG
4bgA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=content-language:thread-index:mime-version:message-id:date:subject
:to:from;
bh=MbNzlq2/VuyIKg2rywmNs3gAntfoI4nOnsgNaTzegDg=;
fh=LTjrMfCi+jhUpfoG6sx2zLH6v6G1pKQvCDomteUC1BM=;
b=Zr/YwD8O8LigNw3MOThBJVyUtOpuLW4aHWunpp9gtqPOQHRsrcC4kkhx9c8ANiBEw3
FYn2dpmIBlJXbaxz9FEVY94qkgPd/nASHCz5MGo1Z6xOUzooGLAK3foJc/hezQsAomw0
NwyaqdltQANA55g5/9VGRRuW5qx6LdIR67A5NI7CHQoOvY1M7xzOdczXF5kjXvr6IrM4
Z74BfyVcA3rbaef8NkbGcNZD9qNRzfsQ5ncZdYDXAfLB+3bVSDrh+yv0IP/P9WmKZ8A+
l2wJo/NqwyRwzj+OoLIbq93MutiCig9zWxqvHrkGTF5dG04CXvA401st4eVPqxfRTdDN
ZmHw==;
dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: domain of [email protected] designates 46.187.110.84 as permitted sender) [email protected];
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=konataa.ru
Return-Path: <[email protected]>
Received: from mail.konataa.ru ([46.187.110.84])
by mx.google.com with ESMTPS id 2adb3069b0e04-54e7c719764si928793e87.13.2025.04.24.13.03.35
for <[email protected]>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Thu, 24 Apr 2025 13:03:35 -0700 (PDT)
Received-SPF: pass (google.com: domain of [email protected] designates 46.187.110.84 as permitted sender) client-ip=46.187.110.84;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of [email protected] designates 46.187.110.84 as permitted sender) [email protected];
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=konataa.ru
Received: from KOMPUTER (unknown [46.187.110.84]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.konataa.ru (Postfix) with ESMTPSA id 1F3FF700447 for <[email protected]>; Thu, 24 Apr 2025 23:03:35 +0300 (MSK)
From: <[email protected]>
To: <[email protected]>
Subject: dev
Date: Thu, 24 Apr 2025 23:03:31 +0300
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_2AD8_01DBB56D.195B2CF0"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: Adu1U+5jEGXaX2RSTcSnskfarWS0fg==
Content-Language: en-us
------=_NextPart_000_2AD8_01DBB56D.195B2CF0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
dev
------=_NextPart_000_2AD8_01DBB56D.195B2CF0
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV=3D"Content-Type" CONTENT=
=3D"text/html; charset=3Dus-ascii"><meta name=3DGenerator content=3D"Micros=
oft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
=09{font-family:"Cambria Math";
=09panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
=09{font-family:Aptos;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
=09{margin:0in;
=09font-size:12.0pt;
=09font-family:"Aptos",sans-serif;
=09mso-ligatures:standardcontextual;
=09mso-fareast-language:EN-US;}
span.EmailStyle17
=09{mso-style-type:personal-compose;
=09font-family:"Aptos",sans-serif;
=09color:windowtext;}
.MsoChpDefault
=09{mso-style-type:export-only;
=09mso-fareast-language:EN-US;}
@page WordSection1
=09{size:8.5in 11.0in;
=09margin:56.7pt 42.5pt 56.7pt 85.05pt;}
div.WordSection1
=09{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DRU link=3D"#467886" v=
link=3D"#96607D" style=3D'word-wrap:break-word'><div class=3DWordSection1><=
p class=3DMsoNormal><span lang=3DEN-US>dev<o:p></o:p></span></p></div></bod=
y></html>
------=_NextPart_000_2AD8_01DBB56D.195B2CF0--
Ответы (1 шт):
Автор решения: iusevoidbtw
→ Ссылка
Вот разгадка тайны:
opendkim.conf
SigningTable refile:/etc/opendkim/SigningTable
Eсли вдруг вылезут ошибки, то 99% неправильно настроены права на файлы.