OpenDKIM Postfix & CentOS

# yum install sendmail-devel
# yum install openssl-devel

--------------------------------------- 

... download opendkim from : http://sourceforge.net/projects/opendkim/files/

# tar xf opendkim-2.2.1.tar.gz

# cd opendkim-2.2.1

# ./configure

# make

# make install

---------------------------------------- 

# useradd -s /sbin/nologin opendkim-milt
# mkdir /etc/mail/dkim
# mkdir /etc/mail/dkim/keys

----------------------------------------

... create /etc/init.d/opendkim

#!/bin/bash
#
# opendkim    Start and stop opendkim.
 

# chkconfig: - 41 61
# description: opendkim
# processname: opendkim
# pidfile: /var/run/opendkim/dkim-milter.pid

### BEGIN INIT INFO
# Provides: opendkim
# Required-Start: opendkim
# Required-Stop: opendkim
# Short-Description: Start and stop OpenDKIM
# Description: DKIM milter
### END INIT INFO

# Adapted from Andrew Colin Kissa's  script for dkim-milter - 28-05-2009

. /etc/rc.d/init.d/functions

DAEMON=/usr/local/sbin/opendkim
RETVAL=0
PID_FILE=/var/run/opendkim/dkim-milter.pid

start() {
 echo -n $"Starting DKIM milter: "
 daemon $DAEMON -x /etc/opendkim.conf
 RETVAL=$?
 [ $RETVAL -eq 0 ] && touch /var/lock/subsys/opendkim
 echo
 return $RETVAL
}

stop() {
 echo -n $"Stopping DKIM milter: "
 killproc -p $PID_FILE
 RETVAL=$?
 echo
 [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/opendkim
 return $RETVAL
}

restart() {
 stop
 start
}

case "$1" in
 start)
 start
 ;;
 stop)
 stop
 ;;
 restart)
 restart
 ;;
 status)
 status -p $PID_FILE
 ;;
 condrestart)
 [ -f /var/lock/subsys/opendkim ] && restart || :
 ;;
 *)
 echo $"Usage: $0 {start|stop|status|reload|restart|condrestart}"
 exit 1
esac

exit $?

---------------------------------------------

... generate key

# mkdir /etc/mail/dkim/keys/example.com
# opendkim-genkey.sh -D /etc/mail/dkim/keys/example.com/ -d example.com -s default
# chown -R opendkim-milt:opendkim-milt /etc/mail/dkim/example.com
# mv /etc/mail/dkim/keys/example.com/default.private /etc/mail/dkim/keys/example.com/default 

---------------------------------------------

... create /etc/opendkim.conf

##
## opendkim.conf -- configuration file for OpenDKIM filter
##
ADSPAction              Continue
ADSPNoSuchDomain        Yes
AutoRestart             Yes
AutoRestartRate         10/1h
Canonicalization        simple/simple
ExternalIgnoreList      refile:/etc/mail/dkim/trusted-hosts
InternalHosts           refile:/etc/mail/dkim/trusted-hosts
KeyTable                refile:/etc/mail/dkim/keyTable
LogWhy                  Yes
On-Default              accept
On-BadSignature         accept
On-DNSError             tempfail
On-InternalError        accept
On-NoSignature          accept
On-Security             tempfail
PidFile                 /var/run/opendkim/dkim-milter.pid
SignatureAlgorithm      rsa-sha256
SigningTable            refile:/etc/mail/dkim/signingTable
Socket                  inet:20209@localhost
Syslog                  Yes
SyslogSuccess           Yes
TemporaryDirectory      /var/tmp
UMask                   022
UserID                  opendkim-milt:opendkim-milt
X-Header                Yes

-----------------------------------------

... create /etc/mail/dkim/keyTable

default._domainkey.example.com example.com:default:/etc/mail/dkim/keys/example.com/default

-----------------------------------------

... create /etc/mail/dkim/signingTable

*@example.com default._domainkey.example.com

-----------------------------------------

... create /etc/mail/dkim/trusted-hosts

127.0.0.1

.........

-----------------------------------------

# mkdir /var/run/opendkim

# chown -R opendkim-milt:opendkim-milt /etc/mail/dkim

# chmod -R go-wrx /etc/mail/dkim/keys 

# chown -R opendkim-milt:opendkim-milt /var/run/opendkim

-----------------------------------------

... postfix configuration

......... 

smtpd_milters = inet:localhost:20209
non_smtpd_milters = inet:localhost:20209
milter_protocol = 2
milter_default_action = accept

........ 

-----------------------------------------

... start opendkim

# /etc/init.d/opendkim start

# chkconfig opendkim on