So how do I get Postfix to verify and sign messages with the DKIM system, under Debian? Here is how.
- First we need to install the dependencies.
$ sudo aptitude install libdigest-sha{,1}-perl libemail-{address,mime-encodings}-perl libnet-{dns,server}-perl libcrypt-openssl-rsa-perl liberror-perl make libmailtools-perl -
$ sudo cpan install Mail::DKIM
-
$ perl Makefile.PL $ make $ make install
-
$ ./configure --prefix=/usr/local $ make install
-
$ sudo adduser --system --shell /bin/false --home /var/run/dkimproxy --group dkimproxy
-
$ sudo mkdir /etc/dkimproxy/ $ cd /etc/dkimproxy/ $ sudo openssl genrsa -out private.key 1024 $ sudo openssl rsa -in private.key -pubout -out public.key $ sudo chown -R root:dkimproxy . $ sudo chmod -R a=,u=rwX,g=rX,o=rX . $ sudo chmod o= private.key
Sorry, this solution will not run nicely on my NSLU2 so I have abandoned the rest of this documentation – it should help you somewhat though, hence I am publishing it anyway.
To get dkimproxy to compile on Debian go to Jason Long’s site and download the following, the official .16 release will make the the dkimproxy.out and .in files in /usr/local/bin , The .28 last beta release is only good for the perl code, not the binary dkimproxy.something
I am migrating to debian r4 from an ‘older’ version of fedora core which dkim signing worked, and so its a matter of transferring scripts and crypt files.
A problem with debian is that quite a few scripts in the mail packages only handle one instance of a mail server per host, I have to support multiple instances of postfix and amavis and dkim support so if you want a dkimproxy script from init.d i can probably give you one that works
Ive not tested dkim signing since i bolt it something ive yet to configure but i see no problems when i check ps – e
Cheers, I have given up on it for now. Should hopefully see some more support in Debian Lenny whenever that gets released.