User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
email:configure-dkim-spf-dmarc [2025/03/13 14:05] – [Configure proper mail delivery] willyemail:configure-dkim-spf-dmarc [2025/06/13 12:43] (current) willy
Line 63: Line 63:
 === Socket Setup === === Socket Setup ===
  
-For security reasons you want the DKIM keys not to be readable by Postfix, but you want Postfix capable to access the OpenDKIM socket or it would not be possible to actually sign any outbound email at all. The default Gentoo users setup is not ideal for this, as you either let Postfix access the keys by adding it to the //opendkim// group or let OpenDKIM accesso postfix configuration by addig it to the //postfix// group.+For security reasons you want the DKIM keys not to be readable by Postfix, but you want Postfix capable to access the OpenDKIM socket or it would not be possible to actually sign any outbound email at all. The default Gentoo users setup is not ideal for this, as you either let Postfix access the keys by adding it to the //opendkim// group or let OpenDKIM access postfix configuration by addig it to the //postfix// group.
  
 The solution is to add a new group, called **dkimsocket**, add the user //postfix// to it, then replace opendkim default group with it so that the socket gets created with the proper ownership: The solution is to add a new group, called **dkimsocket**, add the user //postfix// to it, then replace opendkim default group with it so that the socket gets created with the proper ownership:

This website uses technical cookies only. No information is shared with anybody or used in any way but provide the website in your browser.

More information