OpenDKIM (Open Domain Keys Identified Mail)

byLynix Networks -
OpenDKIM, Open Domain Keys Identified Mail, Mikrotik Cirebon, IT Solution Cirebon

OpenDKIM (Open Domain Keys Identified Mail).

OpenDKIM (Open Domain Keys Identified Mail) adalah sebuah program Open Source yang digunakan untuk menerapkan verifikasi digital pada email yang dikirim dari sebuah domain.

OpenDKIM membantu mengamankan proses pengiriman email dengan menambahkan tanda tangan digital yang dapat diverifikasi oleh penerima.

Install OpenDKIM di Debian Linux.

1. Login ke dalam Sistem Operasi Debian menggunakan SSH sebagai root.

su

2. Install opendkim dan opendkim-tools.

apt install opendkim opendkim-tools

3. Buat directory (nama-domain-anda) di /etc/dkimkeys/.

mkdir /etc/dkimkeys/openbsd.lynixnetwork.com

4. Generate Private Key dan DKIM Record untuk domain anda.

opendkim-genkey -b 1024 -D /etc/dkimkeys/openbsd.lynixnetwork.com -d openbsd.lynixnetwork.com -s default -v

OpenDKIM, Open Domain Keys Identified Mail, Mikrotik Cirebon, IT Solution Cirebon

5. Buat file KeyTable di /etc/dkimkeys/openbsd.lynixnetwork.com.

nano /etc/dkimkeys/openbsd.lynixnetwork.com/KeyTable

default._domainkey.openbsd.lynixnetwork.com openbsd.lynixnetwork.com:default:/etc/dkimkeys/openbsd.lynixnetwork.com/default.private

6. Buat file SigningTable di /etc/dkimkeys/openbsd.lynixnetwork.com.

nano /etc/dkimkeys/openbsd.lynixnetwork.com/SigningTable

*@openbsd.lynixnetwork.com default._domainkey.openbsd.lynixnetwork.com

7. Buat file TrustedHosts di /etc/dkimkeys/openbsd.lynixnetwork.com.

nano /etc/dkimkeys/openbsd.lynixnetwork.com/TrustedHosts

127.0.0.1
192.168.1.11
openbsd.lynixnetwork.com

8. Rubah kepemilikan directory /etc/dkimkeys/openbsd.lynixnetwork.com/ secara recursive.

chown -R opendkim:opendkim /etc/dkimkeys/openbsd.lynixnetwork.com/

9. Rubah hak akses file yang berisi Private Key dan DKIM Record.

chmod 640 /etc/dkimkeys/openbsd.lynixnetwork.com/default.*

10. Hapus konfigurasi dasar OpenDKIM.

rm /etc/opendkim.conf

11. Buat baru konfigurasi OpenDKIM.

nano /etc/opendkim.conf

12. Copy paste text berikut kedalam editor nano.

Syslog yes
SyslogSuccess yes
LogWhy Yes
AutoRestart Yes
AutoRestartRate 10/1h
UMask 002
#SignatureAlgorithm rsa-sha256
Canonicalization relaxed/simple
Mode sv
#SubDomains no
OversignHeaders From
ExternalIgnoreList refile:/etc/dkimkeys/openbsd.lynixnetwork.com/TrustedHosts
InternalHosts refile:/etc/dkimkeys/openbsd.lynixnetwork.com/TrustedHosts
KeyTable refile:/etc/dkimkeys/openbsd.lynixnetwork.com/KeyTable
SigningTable refile:/etc/dkimkeys/openbsd.lynixnetwork.com/SigningTable
Domain openbsd.lynixnetwork.com
RequireSafeKeys False
Selector default
KeyFile /etc/dkimkeys/openbsd.lynixnetwork.com/default.private
UserID opendkim
UMask 007
#Socket local:/run/opendkim/opendkim.sock
#Socket inet:8891@localhost
Socket inet:8891
#Socket local:/var/spool/postfix/opendkim/opendkim.sock
PidFile /run/opendkim/opendkim.pid
TrustAnchorFile /usr/share/dns/root.key

13. Restart atau start service OpenDKIM.

systemctl restart opendkim

OpenDKIM, Open Domain Keys Identified Mail, Mikrotik Cirebon, IT Solution Cirebon

Konfigurasi DKIM di DNS Management Hosting (cPanel atau DirectAdmin).

1. Siapkan DKIM Record hasil Generate opendkim-genkey.

cat /etc/dkimkeys/openbsd.lynixnetwork.com/default.txt

OpenDKIM, Open Domain Keys Identified Mail, Mikrotik Cirebon, IT Solution Cirebon

2. Buat record baru di DNS Management Hosting (cPanel atau DirectAdmin) tipe TXT, Key: default._domainkey, Nilai: salin isi dari file default.txt.

OpenDKIM, Open Domain Keys Identified Mail, Mikrotik Cirebon, IT Solution Cirebon

3. Validasi DKIM DNS Record dengan tool dari https://mxtoolbox.com.

OpenDKIM, Open Domain Keys Identified Mail, Mikrotik Cirebon, IT Solution Cirebon

OpenDKIM - Lynix
April 28, 2024
Lebih baru Lebih lama