DKIM-Filter implements a Sendmail Mail Filter (Milter) for the DomainKeys Identified Mail (DKIM) standard. DKIM provides a way for senders to confirm their identity when sending email by adding a cryptographic signature to the headers of the message.

The dkim-milter implements both signing and verification.

NOTE: Starting with Ubuntu 10.04, dkim-filter is deprecated. Use the opendkim package instead. Configuration is generally similar to dkim-filter, but it is still actively maintained.


The dkim-filter package is available in the Universe repository. See InstallingSoftware for details on using package managers and enabling repositories.


As of Postfix version 2.3 the Sendmail version 8 milter protocol has been supported.


The main configuration options for DKIM-Filter are placed in /etc/dkim-filter.conf. To configure DKIM-Filter to only verify messages edit the file and uncomment the following lines:

Mode                    v
X-Header                yes
On-BadSignature         reject

Note: the X-Header line isn't strictly necessary, but having DKIM-Filter add a line to the message header can help in debugging problems.

After configuring DKIM-Filter start the service:

sudo /etc/init.d/dkim-filter start


Now Postfix needs to be configured to filter messages using the DKIM-Filter daemon. To configure Postfix from a terminal enter the following:

sudo postconf -e 'smtpd_milters = inet:localhost:8891'

Then restart Postfix to enable the new configuration:

sudo /etc/init.d/postfix restart


The best way to figure out problems with Postfix is to check the log files. Using the tail command you can see new log messages in real time:

tail -f /var/log/mail.log

Another way to make sure DKIM-Filter is working correctly is to enable the X-Header option as noted above. You will then be able to see the DKIM authentication results.

Note: this guide has been tested on Ubuntu 7.10 (Gutsy Gibbon).

PostfixDKIM-Filter (last edited 2010-04-12 20:46:07 by kitterman)