How to Configure DKIM with Multiple Domains and use in Postfix in Debian

Jun 02, 2020

In this post I show how to create DKIM keys with opendkim for multiple domains and use them in Postfix in Debian. I used Debian Buster.

Step 1 – Install, configure and gen keys for the domains

apt install opendkim opendkim-tools

In the file /etc/opendkim.conf change Socket to inet:8892@localhost and add the lines:

KeyTable file:/etc/dkimkeys/keytable
SigningTable file:/etc/dkimkeys/signingtable

Now lets generate the key domains. Repeat this command for every domain.

sudo -u opendkim opendkim-genkey -D /etc/dkimkeys -d -s domaincom

Final steps is create KeyTable/SigningTable files and add entries for your domains.

sudo -u opendkim nano /etc/dkimkeys/keytable
... (other domains)

Now SigningTable file.

sudo -u opendkim nano /etc/dkimkeys/signingtable
... (other domains)

Done! Now just restart opendkim.

systemctl restart opendkim

Step 2 – Configure Postfix

Is very simple, just add the lines below to your

milter_default_action = accept
smtpd_milters = inet:localhost:8892
non_smtpd_milters = $smtpd_milters

And restart Postfix.

Final Step – Add TXT entries for your domains

To use DKIM you must publish your public DKIM key for each domain. This is done by creating a TXT record in your DNS Zone. The data about DNS are in the files /etc/dkimkeys/*.txt Below I used as an example of the DNS entry that you must need to add.

Type: TXT
Host: domaincom._domainkey
Value: v=DKIM1; h=sha256; k=rsa; p=...

That’s it.


Back to talau's home