DKIM-Filter implements a Sendmail Mail Filter (Milter) for the DomainKeys Identified Mail (DKIM) standard. DKIM provides a way for senders to confirm their identity when sending email by adding a cryptographic signature to the headers of the message.
The dkim-milter implements both signing and verification.
NOTE: Starting with Ubuntu 10.04, dkim-filter is deprecated. Use the opendkim package instead. Configuration is generally similar to dkim-filter, but it is still actively maintained.
The dkim-filter package is available in the Universe repository. See InstallingSoftware for details on using package managers and enabling repositories.
As of Postfix version 2.3 the Sendmail version 8 milter protocol has been supported.
The main configuration options for DKIM-Filter are placed in /etc/dkim-filter.conf. To configure DKIM-Filter to only verify messages edit the file and uncomment the following lines:
Mode v X-Header yes On-BadSignature reject
Note: the X-Header line isn't strictly necessary, but having DKIM-Filter add a line to the message header can help in debugging problems.
After configuring DKIM-Filter start the service:
sudo /etc/init.d/dkim-filter start
Now Postfix needs to be configured to filter messages using the DKIM-Filter daemon. To configure Postfix from a terminal enter the following:
sudo postconf -e 'smtpd_milters = inet:localhost:8891'
Then restart Postfix to enable the new configuration:
sudo /etc/init.d/postfix restart
The best way to figure out problems with Postfix is to check the log files. Using the tail command you can see new log messages in real time:
tail -f /var/log/mail.log
Another way to make sure DKIM-Filter is working correctly is to enable the X-Header option as noted above. You will then be able to see the DKIM authentication results.
Note: this guide has been tested on Ubuntu 7.10 (Gutsy Gibbon).