Last modified 2024-01-16 (Tue) 11:24:55
[Reference URLs] https://wp.kncn.net/277
https://qiita.com/Chun3/items/4c15ee889b052df67bbd
portinstall mail/opendkim
unbound-1.16.1 is also installed as a dependency; partway through the download it asked for Login: and PW:, and leaving both blank worked.
In order to run this port, write your opendkim.conf and:

if you use sendmail, add the milter socket `socketspec' in
/etc/mail/<your_configuration>.mc:

INPUT_MAIL_FILTER(`dkim-filter', `S=_YOUR_SOCKET_SPEC_, F=T, T=R:2m')

or if you use postfix write your milter socket `socketspec' in
/usr/local/etc/postfix/main.cf:

smtpd_milters = _YOUR_SOCKET_SPEC_

And to run the milter from startup, add milteropendkim_enable="YES" in
your /etc/rc.conf.
Extra options can be found in startup script.

Note: milter sockets must be accessible from postfix/smtpd;
using inet sockets might be preferred.
/etc/rc.conf
milteropendkim_enable="YES"
/usr/local/etc/mail/opendkim.conf
Canonicalization simple/simple
Domain smb.net
KeyFile /var/db/dkim/smb.net.private
LogWhy yes
Mode sv
ReportAddress "DKIM Error Postmaster" <postmaster@smb.net>
Selector smb.net
SendReports yes
Socket local:/var/run/milteropendkim/socket
SubDomains yes
Syslog Yes
SyslogSuccess yes
UMask 002
/etc/group
pw group mod mailnull -m postfix
mailnull:*:26:postfix <-- postfix added
# mkdir /var/db/dkim
# chmod 700 /var/db/dkim
# opendkim-genkey -D /var/db/dkim -d smb.net -s smb.net
# chown -R mailnull:mailnull /var/db/dkim
/usr/local/etc/namedb/smb.net.zone
_domainkey IN TXT "t=y; o=~"
smb.net._domainkey IN TXT "v=DKIM1; k=rsa; p=hogehoge"
_adsp._domainkey IN TXT "dkim=unknown"
For the second line, set the contents of /var/db/dkim/smb.net.txt. Something like this?
_domainkey IN TXT "t=y; o=~"
smb.net._domainkey IN TXT ( "v=DKIM1; k=rsa; "
    "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWTSD8w....WwIDAQAB" ) ; ----- DKIM key smb.net for smb.net
_adsp._domainkey IN TXT "dkim=unknown"
/usr/local/etc/postfix/main.cf
# opendkim mail filter
smtpd_milters = unix:/var/run/milteropendkim/socket
non_smtpd_milters = $smtpd_milters
milter_default_action = accept
# mail hogehoge@smb.net
Subject: TEST
TEST
.
EOT
#
collect: Cannot write ./df26U3v8rT004196 (bfcommit, uid=25, gid=25): Permission denied
queueup: cannot create queue file ./qf26U3v8rT004196, euid=25, fd=-1, fp=0x0: Permission denied
This seems to mean that the queue file could not be written to /var/spool/clientmqueue, so I ran:
chown smmsp:smmsp /var/spool/clientmqueue
Jul 30 16:44:37 g7 opendkim[5034]: OpenDKIM Filter: Unable to bind to port local:/var/run/milteropendkim/socket: Permission denied
Jul 30 16:44:37 g7 opendkim[5034]: OpenDKIM Filter: Unable to create listening socket on conn local:/var/run/milteropendkim/socket
Jul 30 16:44:37 g7 opendkim[5034]: smfi_opensocket() failed
I changed the owner of the /var/run/milteropendkim directory to mailnull:mailnull.
chown -R mailnull:mailnull /var/run/milteropendkim
https://qiita.com/geeorgey/items/450b498d2b98b6b868a8
Authentication-Results: mx.google.com;
    dkim=pass header.i=@kuji-clinic.net header.s=kuji-clinic.net header.b=Cmlx06jK;
    dkim=pass header.i=@kuji-clinic.net header.s=kuji-clinic.net header.b="4N/mbxrB";
    spf=pass (google.com: best guess record for domain of root@g7.kuji-clinic.net designates 210.255.122.215 as permitted sender)
https://www.nic.ad.jp/ja/materials/iw/2011/proceedings/s03/s03-03.pdf
https://igreks.jp/dev/dkim-multiple-domain-maker-3rdparty/
https://forums.freebsd.org/threads/issues-with-opendkim.72749/
https://blog.balyuzi.uk/dkim-postfix-on-freebsd/
/etc/rc.conf
milteropendkim_enable="YES"
/etc/group
mailnull:*:26:postfix <-- postfix added
Create the signing keys.
# mkdir /var/db/dkim
# chmod 700 /var/db/dkim
# opendkim-genkey -D /var/db/dkim -d smb.net -s smb.net
# opendkim-genkey -D /var/db/dkim -d niihama-med.or.jp -s niihama-med.or.jp
# chown -R mailnull:mailnull /var/db/dkim
/usr/local/etc/mail/opendkim.conf
## opendkim.conf -- configuration file for OpenDKIM filter
## Copyright (c) 2010-2015, The Trusted Domain Project. All rights reserved.
AutoRestart YES
AutoRestartRate 10/1h
Canonicalization relaxed/simple
# Domain smb.net
ExternalIgnoreList filename
InternalHosts dataset
# KeyFile /var/db/dkim/example.private
KeyTable /usr/local/etc/mail/opendkim.keytable
LogWhy Yes
# Selector name
SigningTable refile:/usr/local/etc/mail/opendkim.signingtable
# Socket inet:port@localhost
Socket local:/var/run/milteropendkim/socket
Syslog Yes
SyslogSuccess Yes
UMask 002
appeared. The cause was that UMask in the configuration above had been set to 022.
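The configuration above points at opendkim.keytable and opendkim.signingtable without showing their contents. The following is an added example, not part of the original page, that generates both tables for the two domains keyed above and checks the referenced key files. It assumes the selector equals the domain name and keys are stored as <KEYDIR>/<domain>.private, as the opendkim-genkey commands here produce; the key name `selector._domainkey.domain` is a label chosen for this example.

```shell
#!/bin/sh
# Added example, not from the original page. Assumptions: selector == domain
# (as in the opendkim-genkey commands above), keys are <KEYDIR>/<domain>.private.
# Usage: write_tables /usr/local/etc/mail smb.net niihama-med.or.jp
KEYDIR="${KEYDIR:-/var/db/dkim}"

# Accept only plain DNS names so a bad argument cannot inject extra table fields.
valid_domain() {
    case "$1" in
        ''|.*|*.|*..*|*[!A-Za-z0-9.-]*) return 1 ;;
        *.*) return 0 ;;
        *) return 1 ;;
    esac
}

# KeyTable: <key name> <domain>:<selector>:<path to private key>
keytable_line() {
    printf '%s._domainkey.%s %s:%s:%s/%s.private\n' "$1" "$1" "$1" "$1" "$KEYDIR" "$1"
}

# SigningTable (refile: wildcard patterns): <sender pattern> <key name>
signingtable_line() {
    printf '*@%s %s._domainkey.%s\n' "$1" "$1" "$1"
}

# write_tables <output dir> <domain>... : validate first, then write both files.
write_tables() {
    out=$1; shift
    for d in "$@"; do valid_domain "$d" || { echo "bad domain: $d" >&2; return 1; }; done
    : > "$out/opendkim.keytable"; : > "$out/opendkim.signingtable"
    for d in "$@"; do
        keytable_line "$d" >> "$out/opendkim.keytable"
        signingtable_line "$d" >> "$out/opendkim.signingtable"
    done
}

# check_keys <keytable>: fail if a referenced key is missing or has any
# group/other permission bit set (a hygiene check chosen for this example).
check_keys() {
    rc=0
    while read -r _name spec; do
        key=${spec##*:}
        if [ ! -f "$key" ]; then echo "missing: $key" >&2; rc=1
        elif [ "$(ls -ld "$key" | cut -c5-10)" != "------" ]; then
            echo "too permissive: $key" >&2; rc=1
        fi
    done < "$1"
    return $rc
}
```

The `*@domain` patterns match only the exact domain, so senders on subdomains need their own SigningTable entries.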