Zimbra Tips : How To Enable DKIM/DomainKeys Checking/Verify for Incoming Email

Home » Zimbra » Zimbra Tips : How To Enable DKIM/DomainKeys Checking/Verify for Incoming Email
Zimbra 2 Comments

From previous article, you can configure and validate DKIM records on Zimbra which is used to increase email reputation. The configuration will increase reputation for outgoing email. But, how to enable DKIM/DomainKeys checking for incoming connection?

By enable DKIM/DomainKeys checking, you can reject every incoming email who did not have DKIM/DomainKeys. By default, Zimbra only configure OpenDKIM as signer. For configure OpenDKIM as verifier, you can follow these step

# Open openDKIM configuration

su - zimbra
vi /opt/zimbra/conf/opendkim.conf.in

adjust below configuration. save and exit

On-NoSignature reject
Mode sv

# Restart OpenDKIM

zmopendkimctl restart

The following is example log when receive email from domain who did not have DKIM

Mar 18 15:10:13 mail postfix/cleanup[22424]: 64728441B96: milter-reject: END-OF-MESSAGE from localhost[127.0.0.1]: 5.7.0 no DKIM signature data; from=<xxxx@xxxxxx.xxx> to=<xxxx@xxxxxx.xx.xx> proto=ESMTP helo=<xxx.xxxxx.xxx>
Mar 18 15:10:13 mail postfix/smtp[23944]: 94BC4441B99: to=<xxxx@xxxxx.xx.xx>, relay=127.0.0.1[127.0.0.1]:10030, delay=42, delays=42/0.02/0.02/0.09, dsn=5.7.0, status=bounced (host 127.0.0.1[127.0.0.1] said: 550 5.7.0 no DKIM signature data (in reply to end of DATA command))

Good luck and hopefully useful 🙂

2 thoughts on - Zimbra Tips : How To Enable DKIM/DomainKeys Checking/Verify for Incoming Email

LEAVE A COMMENT