$enable_dkim_verification = 1;
$enable_dkim_signing = 1;
dkim_key(“deass.net”, ‘“dkim”, “/etc/pki/tls/private/deass-dkim.key.pem”);
@dkim_signature_options_bysender_maps = (
{ “deass.net” => { d => “deass.net”, a => ‘rsa-sha256’, ttl => 10243600’ } } );
$originating = 1;
ADD LOGING
$log_level = 5;
send mail to check-auth@verifier.port25.com and it ansver to you with all info about your mail .
https://www.port25.com/support/authentication-center/email-verification/
GoodMorning Everyones;
So yesterday I did yum upgrade, change my plan at DigitalOcean for a bigger server
and figure my public DNS propagation was’nt totally spread because, sometimes, I was receiving a response from my old smtp.
So this morning I emailed at check-auth@verifier.port25.com
with and without the AntiVirus on and
1st : it’s work I send and receive
2nd : I receive the same result.
###Summary of Results
SPF check: pass
DomainKeys check: neutral
DKIM check: pass
Sender-ID check: pass
SpamAssassin check: ham
Everything looks good for me, and you ?
Thanks for your concern 
all is ok ! have a nice Ride
When I type hostname -f
I get SERVER.DOMAIN not SERVER.DOMAIN.TLD
so to get SERVER.DOMAIN.TLD
I had to set my domain to DOMAIN.TLD ie. example.com
Silly mistake, Reading is fundamental, I wish I read the documentation before installing and using the software. ooppss…
@JOduMonT Also Please Note in your Original Post please stress the importance that the CNAME records MUST end with a period (.) To aid with deliver-ability I would like to ask for you to add to your original post a section about RDNS and advising the Admins to contact their ISPs to configure reverse DNS
at&t uverse rdns request form - https://www.att.com/gen/general?pid=17307&cdvn=formbuilder&formName=ATT_DSL_Uverse_DNS_Request_Form_1600
thank @tzar, i’ll look on it when i’ll understand how to take the right to edit my post 
GoodLuck with asking to configure the r-dns to your ISP,
unless it’s a professional ISP.
Please retype the minute I install command, respectively.
give me error
amavisd -u amavis -g amavis showkeys
Error in config file “/etc/amavisd.conf”
I’m sure the error is different and it says which line the error is. Look at the line and you’ll find the problem.
Please, cut’n’paste the error (or take a picture/screenshot).
# amavisd -u amavis -g amavis showkeys
**No DKIM private keys declared in a config file. **ERROR****I get an error in the command. It has engaged in the installation process.?
amavisd -u amavis -g amavis showkeys
No DKIM private keys declared in a config file
Generate it by yourself and add in custom template of amavisd
@giacomo @davidep @filippo_carletti @Ctek @alefattorini
maybe we should inplement this feature , for Security reason and Validation ?
almoust all have been done , staging :
amavisd genrsa /etc/pki/tls/private/new_domain.com.pem 2048
add to /etc/amavisd/amavisd.conf
$enable_dkim_signing = 1;
dkim_key(“new_domain.com”, ‘“dkim”, “/etc/pki/tls/private//new_domain.com.pem”);
@dkim_signature_options_bysender_maps = (
{ “new_domain.com” => { d => “new_domain.com”, a => ‘rsa-sha256’, ttl => 10243600’ } } );
$originating = 1;
#$log_level = 5; # optional
Add to web interface feature, when we create a domain it should generate DKIM and should be shown on it for copying it to provider (DNS server)
Even we should create dkim key in db domains .
I think that the first implementation could live without a web interface.
We need to automatically create the key during domain creation.
The interface has to show the key only, it shouldn’t be hard to add.
$enable_dkim_verification is to check incoming mail, it could be a default regardless of this sign feature.
Yes, it would be great , when domain is created amavis should gen key and put it to db domains , and web ui could simply read key 
I updated issue 1910 (http://dev.nethserver.org/issues/1910), but I’m still unsure about effectiveness of dkim (I’m using it).
Who has experience and wants to contribute data could add comments here.
@filippo_carletti DKIM is only for validating of our MAIL server for external servers like GOOGLE and so on , so without DKIM google could mark our letter like spam.
It’s not that easy, you control (through dns) how others should behave regarding dkim. And dkim setup is easy for a spammer. Assuming dkim pass as an ham indicator is a bad idea.
This is my second time doing DKIM, per the instructions on this page, this time I get the following errors:
amavisd -u amavis -g amavis showkeys#
No DKIM private keys declared in a config file
amavisd -u amavis -g amavis showkeys
Error in config file “/etc/amavisd.conf”: Undefined subroutine &Amavis::Conf::HASH called at /etc/amavisd.conf line 295.
sed -n 291,300p /etc/amavisd.conf
$enable_dkim_verification = 1;
$enable_dkim_signing = 1;
dkim_key(‘example.com’, ‘dkim’, ‘/etc/pki/tls/private/example.com-dkim.key.pem’);
@dkim_signature_options_bysender_maps = (
HASH(0x14c88f0) );
ls -alF /etc/pki/tls/private
-rw-------. 1 root root 1675 Jan 14 23:11 server1.example.com.pem
-rw-------. 1 root root 1704 Sep 1 18:55 httpd-admin.key
-rw-------. 1 root root 1704 Sep 1 19:58 localhost.key
-rw-------. 1 root root 1704 Sep 1 18:54 NSRV.key
-rw-r-----. 1 root amavis 891 Jan 14 22:56 example.com-dkim.key.pem
cat /etc/e-smith/templates-custom/etc/amavisd.conf/95dkim
$enable_dkim_verification = 1;
$enable_dkim_signing = 1;
dkim_key(‘example.com’, ‘dkim’, ‘/etc/pki/tls/private/example.com-dkim.key.pem’);
@dkim_signature_options_bysender_maps = (
{ ‘.’ => { ttl => 21243600, c => ‘relaxed/relaxed’ } } );
Where did I go WRONG?
Could you check all backslashes are in place in /etc/e-smith/templates-custom/etc/amavisd.conf/95dkim
@dkim_signature_options_bysender_maps = ( \{ '.' => \{ ttl => 21*24*3600, c => 'relaxed/simple' \} \} );
Hi @tzar,
Please regenerate this file by the command below:
signal-event nethserver-mail-filter-update
amavisd -u amavis -g amavis -c /etc/amavisd.conf showkeys