domainkeys

Configuring DKIM for qmail

This note concerns the DKIM patch embedded in my combined patch (more info here). This topic is advanced and you can skip it at the beginning.

DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication. The validation technique is based on public-key cryptography: Responsibility is claimed by the signer by adding a domain name to the message and then also affixing a digital signature of it and the message. The value is placed in the DKIM-Signature: header field. The verifier recovers the signer's public key using the DNS, and then verifies the signature.

You are invited to take a look to the man pages starting from dkim(8) and spawn-filter(8).

Changelog

  • 2017-05-14
    -DKIM patch updated to v. 1.20
    It now manages long TXT records, avoiding the rejection of some hotmail.com messages.
  • 2016-03-09
    Upgraded to v. 1.19: verification will not fail when a dkim signature does not include the subject provided that the   UNSIGNED_SUBJECT environment variable is declared. More info here

Acknowlegments

I would like to address a special thank to Manvendra Bhangui, the author of the DKIM patch, for kindly assisting me during all the configuration.