Issue:
How to configure a DKIM in Mirapoint system
Solution:
1.- Enable DKIM feature in Mirapoint system with the following command:
CLI> conf enable DKIM
2.- Log into the domain which want to create the key from.
CLI> domain setcurren domain2.com
3.- Under specific domain create we have create the DKIM key with the following command:
CLI(domain2.com)>Key New type interface hostname arguments
where:
◆ type is the key category, which must be Dkim, Mta, Auth, or Pop.
◆ interface is the network address, which must be "" for all key types except DKIM, for which it must be valid as described in RFC-4871, section 3.1.
◆ hostname is the system name for the created key. If it is not null string (""), localhost, or the hostname of this appliance, a warning results, but the key is created anyhow. You can create a useless key by passing a bogus hostname. When a key is created, POP, AUTH, and MTA keys are created for all interfaces on hostname. For DKIM, a new key can be created only for the current domain, so use the null string ("").
◆ arguments specify options, and must be "" for all keys.
Note: Normally on interface is used the term "Selector" as in the protocol reference says.
Example:
CLI> Key New Dkim "Selector" "" ""
OK Completed
4.- Now that the key is created is time to assign it to one domain.
First of all need to gather the DKIM key with the following command:
CLI> Key get dkim "Selector"
It will show a string between these 2 lines:
#@Mirapoint-Key-1.0
......
......
#@Mirapoint-Key-End
Once the key is obtained is time to assign it to the domain we decided with the following command:
CLI>key set dkim "Selector"
It will show this:
Enter key stream, finish with a '.' on a line by itself:
The key obtained by the command "key get" should be pasted here and finished with a dot.
5.- Now the key is assigned to a domain, if the mail needs to be more secure to avoid sending spam or so, the following instructions needs to be done as well.
CLI> dkim enable signing
CLI> dkim enable verification
◆ Signing - enables the signing of messages selected in the current domain.
◆ Verification - enables signature verification of messages destined for the current domain.
The last step to make the mail more secure is to set the public Key in the DNS records of the domain DKIMed as TXT record.
The Public Key is obtained with the following command:
CLI> key getpublic dkim "Selector"
NOTE: All the "key" commands should be executed in the delegated domain we are configuring to use DKIM.
Comments
0 comments
Please sign in to leave a comment.