In this video we improve our sent email score to 8.9/10 by adding a DKIM to our Raspberry Pi and DNS server. This is the third phase of work towards making our emails end up in our recipients inbox and not their spam box.
The settings snippets I promise in the video is here. Please note that YouTube now has Markdown, so any text below starting with a # is considered a header. This clearly breaks the example settings, much of which contain #’s.
So, please note every comment # has a \ in front of it that will need *removing*, so make sure you copy and past this into a text editor, remove the \’s at the start and then paste in.
\# This is a basic configuration that can easily be adapted to suit a standard
\# installation. For more advanced options, see (5) and/or
\# /usr/share/doc/opendkim/examples/.
\# Log to syslog
Syslog yes
\# Required to use local socket with MTAs that access the socket as a non-
\# privileged user (e.g. Postfix)
UMask 002
\# Sign for with key in /etc/dkimkeys/ using
\# selector ’2007’ (e.g. )
\#Domain
\#KeyFile /etc/dkimkeys/
\#Selector 2007
\# Commonly-used options; the commented-out versions show the defaults.
Canonicalization simple
Mode sv
SubDomains no
AutoRestart yes
AutoRestartRate 10/1M
Background yes
DNSTimeout 5
SignatureAlgorithm rsa-sha256
\# Socket smtp://localhost
\#
\# ## Socket socketspec
\# ##
\# ## Names the socket where this filter should listen for milter connections
\# ## from the MTA. Required. Should be in one of these forms:
\# ##
\# ## inet:port@address to listen on a specific interface
\# ## inet:port to listen on all interfaces
\# ## local:/path/to/socket to listen on a UNIX domain socket
\#
\#Socket inet:8892@localhost
Socket local:/var/spool/postfix/opendkim/
\## PidFile filename
\### default (none)
\###
\### Name of the file where the filter should write its pid before beginning
\### normal operations.
\#
PidFile /var/run/opendkim/
\# Always oversign From (sign using actual From and a null From to prevent
\# malicious signatures header fields (From and/or others) between the signer
\# and the verifier. From is oversigned by default in the Debian pacakge
\# because it is often the identity key used by reputation systems and thus
\# somewhat security sensitive.
OversignHeaders From
\## ResolverConfiguration filename
\## default (none)
\##
\## Specifies a configuration file to be passed to the Unbound library that
\## performs DNS queries applying the DNSSEC protocol. See the Unbound
\## documentation at for the expected content of this file.
\## The results of using this and the TrustAnchorFile setting at the same
\## time are undefined.
\## In Debian, /etc/unbound/ is shipped as part of the Suggested
\## unbound package
\# ResolverConfiguration /etc/unbound/
\## TrustAnchorFile filename
\## default (none)
\##
\## Specifies a file from which trust anchor data should be read when doing
\## DNS queries and applying the DNSSEC protocol. See the Unbound documentation
\## at for the expected format of this file.
TrustAnchorFile /usr/share/dns/
\## Userid userid
\### default (none)
\###
\### Change to user “userid“ before starting normal operation? May include
\### a group ID as well, separated from the userid by a colon.
\#
UserID opendkim
\# Map domains in From addresses to keys used to sign messages
KeyTable refile:/etc/opendkim/
SigningTable refile:/etc/opendkim/
\# Hosts to ignore when verifying signatures
ExternalIgnoreList /etc/opendkim/
\# A set of internal hosts whose mail should be signed
InternalHosts /etc/opendkim/
And here...
\# Milter configuration
milter_default_action = accept
milter_protocol = 6
smtpd_milters = local:/opendkim/
non_smtpd_milters = $smtpd_milters
47 views
2906
999
1 week ago 00:42:38 3
Ген Бога. Почему люди верят?
1 month ago 02:01:28 19
Агенты спецслужб шантажировали и вербовали 40 лет | Историческое расследование
2 months ago 00:54:10 2
Чернобыль: Трагедия, изменившая мир / Уроки истории @MINAEVLIVE
3 months ago 01:32:40 2
Владимир Ленин: Гений революции или талантливый манипулятор? / Личности @MINAEVLIVE
3 months ago 00:27:19 2
70 Moments Filmed Seconds Before Disaster!
3 months ago 00:29:41 2
Moments Filmed Seconds Before Disaster!
4 months ago 01:14:56 0
СТИВ ДЖОБС: Гений или американский психопат? / Истории кумиров @MINAEVLIVE
5 months ago 01:24:39 7
Инфоцыгане: от марафона желаний до марафона кредитов | Маркарян, Блиновская, разоблачение
5 months ago 00:00:00 32
alyona alyona - Дві душі
5 months ago 01:12:43 2
20 True Horrifying Ghost & Paranormal Scary Stories | Disturbing Horror Stories To Fall Asleep To
6 months ago 00:00:18 0
real life helldivers #shorts
6 months ago 00:20:27 0
ЕДИНСТВЕННЫЙ способ купить собственное ЖИЛЬЁ
6 months ago 00:19:16 0
Гомеопатия. Как у меня пригорело
6 months ago 00:13:54 2
Ancient Temple Shows Cell Phone & Wrist Watch? Built with Psychic Powers?
6 months ago 00:25:07 0
BRICS grows, adding Indonesia as member: world’s 4th most populous country, 7th biggest economy
6 months ago 01:50:47 0
Чё Происходит #254 | Украина перекрыла газ, фейк Гордона про конец войны, пацифик на Первом канале
6 months ago 00:17:28 4
ПТИЦУ ЕМЪ — уникальная рэп-группа (которую мы потеряли)
6 months ago 06:45:19 1
Жизнь по ту сторону (ВСЕ СЕРИИ) - эзотерический мультфильм для духовно взрослых людей.
6 months ago 01:00:40 0
ПОЯСНЯЮ ЗА ПНВ | Установка, стрельба, перемещение с прибором ночного видения!
6 months ago 00:28:36 0
ПЕРЕЕЗД В ИСПАНИЮ В 17! ПОТРЯСАЮЩАЯ ИСТОРИЯ
6 months ago 00:30:02 0
Заставил Моргенштерна читать презентацию для Скуфов в зуме
6 months ago 00:03:21 0
HammAli & Navai - Птичка (Премьера клипа)
6 months ago 00:03:37 0
NЮ feat. Николай Монро - Я буду бухать (Official video)
6 months ago 00:26:52 0
Кибергулаг: от электронных повесток до слежки в Сети | ВПН, Госуслуги и видеонаблюдение