ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Setup Exim with DKIM for Multiple Domains with Smarthost

    IT Discussion
    exim exim4 debian email header email dkim smart host connector smarthost transport
    1
    1
    3.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • dbeatoD
      dbeato
      last edited by

      Recently I have had to enable DKIM for Exim for some customers using POP3/IMAP servers. This was not working even though I followed the steps on here:
      https://debian-administration.org/article/718/DKIM-signing_outgoing_mail_with_exim4

      I had folllowed the article to the tee but it was not working. This is what worked for me.

      1- Login to your Exim Server
      2- Create the Dkim folder

      sudo mkdir /etc/exim4/dkim

      3- Create a private key for each domain (you can use a script) in the /etc/exim4/dkim folder.

      cd /etc/exim4/dkim
sudo openssl genrsa -out domain.com-private.pem 2048 -outform PEM

      4- Create the Public key

      openssl rsa -in domain.com-private.pem -out domain.com-public.pem -pubout -outform PEM

      5- Create the /etc/exim4/conf.d/main/00_local_macros file

      sudo nano /etc/exim4/conf.d/main/00_local_macros

      6- Fill the content

      DKIM_CANON = relaxed
DKIM_SELECTOR = 20200422

# Get the domain from the outgoing mail.
DKIM_DOMAIN = ${sg{${lc:${domain:$h_from:}}}{^www\.}{}}

# The file is based on the outgoing domain-name in the from-header.
DKIM_FILE = /etc/exim4/dkim/{DKIM_DOMAIN}-private.pem

# If key exists then use it, if not don't.
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}

      7- Set the permissions on the file

      sudo chown -R Debian-exim:Debian-exim /etc/exim4/dkim/
sudo chmod 640 /etc/exim4/dkim/*

      8 - Update the /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp_smarthost file

      sudo nano /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp_smarthost

      9- Add the following to the bottom of the file and save it

      .ifdef DKIM_DOMAIN
dkim_domain = DKIM_DOMAIN
.endif
.ifdef DKIM_SELECTOR
dkim_selector = DKIM_SELECTOR
.endif
.ifdef DKIM_PRIVATE_KEY
dkim_private_key = DKIM_PRIVATE_KEY
.endif
.ifdef DKIM_CANON
dkim_canon = DKIM_CANON
.endif
.ifdef DKIM_STRICT
dkim_strict = DKIM_STRICT
.endif
.ifdef DKIM_SIGN_HEADERS
dkim_sign_headers = DKIM_SIGN_HEADERS
.endif

      10- Update the Exim4 Configuration

      sudo update-exim4.conf

      10- Restart the Exim4 Service

      sudo service exim4 restart

      Now your emails coming from domains that have DKIM will be signed. In order to get your DKIM record you must match the select your configured and use the Public key that you made earlier. You can find instructions below
      https://www.obstance.com/ubuntu/dkim-on-multiple-domains-with-exim4

      1 Reply Last reply Reply Quote 2
      • 1 / 1
      • First post
        Last post