$ doas pkg_add dkimproxy $ openssl genrsa -out ~/private.key 1024 $ openssl rsa -in ~/private.key -pubout -out ~/public.key $ doas mkdir /etc/dkimproxy $ doas mv ~/{public,private}.key /etc/dkimproxy/ $ doas chown -R _dkimproxy:_dkimproxy /etc/dkimproxy*
/etc/dkimproxy_out.conf:
# specify what address/port DKIMproxy should listen on listen 127.0.0.1:10027 # specify what address/port DKIMproxy forwards mail to relay 127.0.0.1:10028 # specify what domains DKIMproxy can sign for (comma-separated, no spaces) domain ircnow.org,mail.ircnow.org,lecturify.com # specify what signatures to add signature dkim(c=relaxed) signature domainkeys(c=nofws) # specify location of the private key keyfile /etc/dkimproxy/private.key # specify the selector (i.e. the name of the key record put in DNS) selector mail1 # control how many processes DKIMproxy uses # - more information on these options (and others) can be found by # running `perldoc Net::Server::PreFork'. #min_servers 5 #min_spare_servers 2 reject-error
$ doas rcctl enable dkimproxy_out $ doas rcctl start dkimproxy_out