snel.it rollover recommended .5 jaar SPF record $ dig TXT snel.it snel.it. 86400 IN TXT "v=" "spf1 +mx -all" DKIM opendkim.conf # This is a basic configuration that can easily be adapted to suit a standard # installation. For more advanced options, see opendkim.conf(5) and/or # /usr/share/doc/opendkim/examples/opendkim.conf.sample. # Log to syslog Syslog yes # Required to use local socket with MTAs that access the socket as a non- # privileged user (e.g. Postfix) UMask 007 # Sign for example.com with key in /etc/dkimkeys/dkim.key using # selector '2007' (e.g. 2007._domainkey.example.com) #Domain example.com #KeyFile /etc/dkimkeys/dkim.key #Selector 2007 Domain snel.it KeyFile /etc/dkimkeys/mail.private Selector mail # Commonly-used options; the commented-out versions show the defaults. #Canonicalization simple #Mode sv #SubDomains no # Socket smtp://localhost # # ## Socket socketspec # ## # ## Names the socket where this filter should listen for milter connections # ## from the MTA. Required. Should be in one of these forms: # ## # ## inet:port@address to listen on a specific interface # ## inet:port to listen on all interfaces # ## local:/path/to/socket to listen on a UNIX domain socket # Socket inet:8892@127.0.0.1 #Socket local:/var/run/opendkim/opendkim.sock ## PidFile filename ### default (none) ### ### Name of the file where the filter should write its pid before beginning ### normal operations. # PidFile /var/run/opendkim/opendkim.pid # Always oversign From (sign using actual Fr # malicious signatures header fields (From a # and the verifier. From is oversigned by d # because it is often the identity key used # somewhat security sensitive. OversignHeaders From ## ResolverConfiguration filename ## default (none) ## ## Specifies a configuration file to be pas ## performs DNS queries applying the DNSSEC ## documentation at http://unbound.net for ## The results of using this and the TrustA ## time are undefined. ## In Debian, /etc/unbound/unbound.conf is ## unbound package # ResolverConfiguration /etc/unbound/unb ## TrustAnchorFile filename ## default (none) ## ## Specifies a file from which trust anchor ## DNS queries and applying the DNSSEC proto ## at http://unbound.net for the expected fo TrustAnchorFile /usr/share/dns/root.ke ## Userid userid ### default (none) ### ### Change to user "userid" before starting ### a group ID as well, separated from the # UserID opendkim rsnel@penta:/var/www/meneer.snel.it-ssl$ cat /etc/opendkim.conf # This is a basic configuration that can easily be adapted to suit a standard # installation. For more advanced options, see opendkim.conf(5) and/or # /usr/share/doc/opendkim/examples/opendkim.conf.sample. # Log to syslog Syslog yes met in postfix main.cf milter_protocol = 2 milter_default_action = accept smtpd_milters = inet:127.0.0.1:8892 non_smtpd_milters = inet:127.0.0.1:8892 en in bind $ dig TXT mail._domainkey.snel.it mail._domainkey.snel.it. 86400 IN TXT "v=DKIM1; h=sha256; k=rsa; " "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+nMwhbTDrpjwNPHZgnMf2oxEZxJdphobs4bwNogyoxdWtwiSQfcGD1lGi9vEUwmT6IUQFq56XvmQsH0KhHsepV3lhSuiShPQ71sTEQrr9PQN8i8n+HujcJlIfOqytDeSezdZE1X04WSM3yOKwY2j5qchl7UvOmDU9ZFu2RqXBCBmRo1z3+yhCidLSBWAkOo8XWtJL9kNJDN0X" "3tjtc53DV4vz5gFn32H/g8siaCZb6sI0dYgpSQN3hf2dMk8lCj29uCZC0RbPlWjcMwuSeqsYGDwXCFMugyEpjGen/WCz5NKy6kF6e7U6tnvqA+Ydnc2JzX8x1SaF2m11X6sDNsewIDAQAB"