FreeBSDで稼働するpostfix+bindの環境にDKIMを導入する。
まずはpkgコマンドでOpenDKIMを導入する。
root@fbsd:~ # pkg search opendkim
opendkim-2.10.3_16 DKIM library and milter implementation
p5-Mail-OpenDKIM-4204 Perl interface to OpenDKIM C library
root@fbsd:~ # pkg install opendkim
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 4 package(s) will be affected (of 0 checked):New packages to be INSTALLED:
libsodium: 1.0.18
lua54: 5.4.6
opendkim: 2.10.3_16
unbound: 1.18.0_1Number of packages to be installed: 4
The process will require 12 MiB more space.
3 MiB to be downloaded.Proceed with this action? [y/N]: y
[1/4] Fetching unbound-1.18.0_1.pkg: 100% 2 MiB 2.3MB/s 00:01
[2/4] Fetching lua54-5.4.6.pkg: 100% 291 KiB 298.3kB/s 00:01
[3/4] Fetching opendkim-2.10.3_16.pkg: 100% 288 KiB 295.4kB/s 00:01
[4/4] Fetching libsodium-1.0.18.pkg: 100% 161 KiB 164.4kB/s 00:01
Checking integrity... done (0 conflicting)
[1/4] Installing libsodium-1.0.18...
[1/4] Extracting libsodium-1.0.18: 100%
[2/4] Installing unbound-1.18.0_1...
===> Creating groups.
Using existing group 'unbound'.
===> Creating users
Using existing user 'unbound'.
[2/4] Extracting unbound-1.18.0_1: 100%
[3/4] Installing lua54-5.4.6...
[3/4] Extracting lua54-5.4.6: 100%
[4/4] Installing opendkim-2.10.3_16...
[4/4] Extracting opendkim-2.10.3_16: 100%
=====
Message from opendkim-2.10.3_16:--
In order to run this port, write your opendkim.conf and:if you use sendmail, add the milter socket `socketspec' in
/etc/mail/<your_configuration>.mc:INPUT_MAIL_FILTER(`dkim-filter', `S=_YOUR_SOCKET_SPEC_, F=T, T=R:2m')
or if you use postfix write your milter socket `socketspec' in
/usr/local/etc/postfix/main.cf:smtpd_milters = _YOUR_SOCKET_SPEC_
And to run the milter from startup, add milteropendkim_enable="YES" in
your /etc/rc.conf.
Extra options can be found in startup script.Note: milter sockets must be accessible from postfix/smtpd;
using inet sockets might be preferred.
root@fbsd:~ #
次に/etc/rc.confに下行を追加
milteropendkim_enable="YES"
インストールされる/usr/local/etc/mail/opendkim.confはいささか長いので、
opendkim.conf.orgとかに退避。下記を貼り付けた。
(ドメイン名はインストール先の環境に合わせること)
# vi /usr/local/etc/mail/opendkim.conf
Canonicalization simple/simple
Domain example.jp
KeyFile /var/db/dkim/example.jp.private
LogWhy yes
Mode sv
ReportAddress "DKIM Error Postmaster" <postmaster@example.jp>
Selector example.jp
SendReports yes
Socket inet:8891@localhost
SubDomains yes
Syslog Yes
SyslogSuccess yes
UMask 002
次に/etc/groupを編集。mailnullにpostfixを追加する
mailnull:*:26:postfix
postfixのmain.cfに下記を追加
# mail filter
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
milter_default_action = accept
OpenDKIMを起動するとともにPostfixとnamedbを再起動する。
kill -HUP `cat /var/run/named/pid `
postfix reload
/usr/local/etc/rc.d/milter-opendkim start
googleにメールして、DKIMが有効になっていることを確認する。
コメント