Signing sendmail messages with DKIM using OpenDKIM is easier then you think!
Update: Note that long after writing this guide, I've switched to Postfix as my mail server, so this guide was correct at the time of writing, it might be obsolete and/or incorrect at the time of reading.
Following Ubuntu's guide, execute this command:
sudo apt-get install opendkim opendkim-tools
First, think up a selector used for differentiating this key from others.
If you have different means of sending an email from one @server.com, they might
have different keys. For example I use Yandex mail for domain, which
have their own set of private and public keys and use
sendmail as a selector for this one.
Execute this command:
opendkim-genkey -t -s [selector]
This will generate two files:
[selector].priv storing your private key
[selector].txt storing DNS record.
*.priv file to an appropriate location on the server
and add contents of
*.txt file to your DNS.
It depends on your provider and details of your setup, but generally it's about
adding a TXT record for a
Contents of this record is in the
*.txt file generated by
/etc/opendkim.conf file. You need to uncomment and change only these three lines:
Domain [your domain] KeyFile [keyfile] Selector [selector]
[keyfile] is a path to your private key.
Restart opendkim service:
sudo service opendkim restart
Find out the socket used by opendkim:
ps aux | grep opendkim
-p parameter and usually is
/etc/mail/sendmail.mc file and add this line anywhere (f.ex, at the bottom):
(change socket location if it's different in your case)
Finally, rebuild the sendmail config, as it's said on the top of
I believe you know how to send mail, but just in case:
To send a message to
email@example.com, use this command:
mail -s "Message subject" firstname.lastname@example.org <<<"Message body"
To test how this stuff works, you can use one or more of autorespond email addresses listed at dmarc.org, like this:
echo "test message" | mail -s "DKIM test" checkmyauth@''auth.returnpath.net