{"id":11234,"date":"2022-05-01T03:52:17","date_gmt":"2022-04-30T18:52:17","guid":{"rendered":"http:\/\/www.webcyou.com\/?p=11234"},"modified":"2022-05-02T16:39:02","modified_gmt":"2022-05-02T07:39:02","slug":"ubuntu-20-04-lts-%e3%82%b5%e3%83%bc%e3%83%90%e6%a7%8b%e7%af%89-dkim%e3%80%81dmarc%e3%82%92%e8%a8%ad%e5%ae%9a%e3%81%99%e3%82%8b","status":"publish","type":"post","link":"https:\/\/www.webcyou.com\/?p=11234","title":{"rendered":"Ubuntu 20.04 LTS \u30b5\u30fc\u30d0\u69cb\u7bc9 &#8211; DKIM\u3001DMARC\u3092\u8a2d\u5b9a\u3059\u308b"},"content":{"rendered":"<p>\u524d\u56de\u306e<a href=\"https:\/\/www.webcyou.com\/?p=11230\">Ubuntu 20.04 LTS \u30b5\u30fc\u30d0\u69cb\u7bc9 \u2013 Postfix Let\u2019s Encrypt\u3067TLS\u5316<\/a>\u306e\u7d9a\u304d\u3067\u3059\u3002<\/p>\n<p>\u4eca\u56de\u306fOpenDKIM\u3092\u7528\u3044\u3066DKIM\u3001DMARC\u3092\u8a2d\u5b9a\u3057\u3066\u3044\u304d\u307e\u3059\u3002<\/p>\n<h4>\u30e1\u30cb\u30e5\u30fc<\/h4>\n<ul>\n<li><a href=\"https:\/\/www.webcyou.com\/?p=11191\">Ubuntu 20.04 LTS \u30b5\u30fc\u30d0\u69cb\u7bc9 \u2013 \u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7<\/a><\/li>\n<li><a href=\"https:\/\/www.webcyou.com\/?p=11197\">Ubuntu 20.04 LTS \u30b5\u30fc\u30d0\u69cb\u7bc9 \u2013 Nginx\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/a><\/li>\n<li><a href=\"https:\/\/www.webcyou.com\/?p=11205\">Ubuntu 20.04 LTS \u30b5\u30fc\u30d0\u69cb\u7bc9 \u2013 Let\u2019s Encrypt\u3067SSL\/TLS\u5316<\/a><\/li>\n<li><a href=\"https:\/\/www.webcyou.com\/?p=11211\">Ubuntu 20.04 LTS \u30b5\u30fc\u30d0\u69cb\u7bc9 \u2013 Postfix\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/a><\/li>\n<li><a href=\"https:\/\/www.webcyou.com\/?p=11218\">Ubuntu 20.04 LTS \u30b5\u30fc\u30d0\u69cb\u7bc9 \u2013 Dovecot\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/a><\/li>\n<li><a href=\"https:\/\/www.webcyou.com\/?p=11221\">Ubuntu 20.04 LTS \u30b5\u30fc\u30d0\u69cb\u7bc9 \u2013 Postfix SASL\u8a8d\u8a3c<\/a><\/li>\n<li><a href=\"https:\/\/www.webcyou.com\/?p=11230\">Ubuntu 20.04 LTS \u30b5\u30fc\u30d0\u69cb\u7bc9 \u2013 Postfix Let\u2019s Encrypt\u3067TLS\u5316<\/a><\/li>\n<li><a href=\"https:\/\/www.webcyou.com\/?p=11234\">Ubuntu 20.04 LTS \u30b5\u30fc\u30d0\u69cb\u7bc9 \u2013 DKIM\u3001DMARC\u3092\u8a2d\u5b9a\u3059\u308b<\/a><\/li>\n<\/ul>\n<h4>OpenDKIM\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h4>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo apt install opendkim opendkim-tools<\/pre>\n<p><strong>\u30e6\u30fc\u30b6postfix\u3092\u30b0\u30eb\u30fc\u30d7opendkim\u306b\u8ffd\u52a0<\/strong><\/p>\n<p>OpenDKIM\u306e\u5404\u7a2e\u30d5\u30a1\u30a4\u30eb\u985e\u306b\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u69d8\u306b\u3001Postfix\u306e\u30d7\u30ed\u30bb\u30b9\u5b9f\u884c\u30e6\u30fc\u30b6\u3067\u3042\u308b\u30e6\u30fc\u30b6postfix\u3092\u30b0\u30eb\u30fc\u30d7opendkim\u306b\u8ffd\u52a0<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo gpasswd -a postfix opendkim<\/pre>\n<h4>opendkim \u79d8\u5bc6\u9375\u306e\u4f5c\u6210<\/h4>\n<h5>\u30ad\u30fc\u30da\u30a2\u4fdd\u5b58\u7528\u306e\u30d5\u30a9\u30eb\u30c0\u4f5c\u6210<\/h5>\n<p>opendkim\u304c\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u308b\u3068\u3001\u30ad\u30fc\u30da\u30a2\uff08\u79d8\u5bc6\u9375\uff0f\u516c\u958b\u9375\uff09\u304c <strong>\/etc\/opendkim\/keys<\/strong> \u306b\u30d5\u30a1\u30a4\u30eb\u304c\u4f5c\u6210\u3055\u308c\u307e\u3059\u3002\u30de\u30eb\u30c1\u30c9\u30e1\u30a4\u30f3\u3082\u8003\u616e\u3057\u3001\u9069\u5fdc\u30c9\u30e1\u30a4\u30f3\u7528\u306b\u30d5\u30a9\u30eb\u30c0\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo mkdir -p \/etc\/opendkim\/keys\/example.com<\/pre>\n<h5>\u30ad\u30fc\u30da\u30a2\uff08\u79d8\u5bc6\u9375\uff0f\u516c\u958b\u9375\uff09\u306e\u4f5c\u6210<\/h5>\n<p>opendkim-genkey\u30b3\u30de\u30f3\u30c9\u7528\u3044\u3066\u3001\u96fb\u5b50\u7f72\u540d\u7528\u306e\u30ad\u30fc\u30da\u30a2\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">opendkim-genkey -b &#x5B;\u9375\u9577] -d &#x5B;\u5bfe\u8c61\u30c9\u30e1\u30a4\u30f3\u540d] -D &#x5B;\u30d5\u30a1\u30a4\u30eb\u306e\u4fdd\u5b58\u30d1\u30b9] -s &#x5B;\u30bb\u30ec\u30af\u30bf\u540d]<\/pre>\n<p>&#8220;-s&#8221; \u306e\u30bb\u30ec\u30af\u30bf\u540d\u306f\u3001\u96fb\u5b50\u7f72\u540d\u30d8\u30c3\u30c0\u30fc\u306b\u8868\u793a\u3055\u308c\u308b\u30e9\u30d9\u30eb\u3067\u4efb\u610f\u6307\u5b9a\u3067\u3059\u3002<\/p>\n<p>\u30bb\u30ec\u30af\u30bf\u540d\u306f\u30d5\u30a1\u30a4\u30eb\u306e\u4f5c\u6210\u65e5\u3092\u5229\u7528\u3059\u308b\u30b1\u30fc\u30b9\u304c\u591a\u3044\u306e\u3067\u3059\u304c\u3001\u300cdefault\u300d\u3001\u9375\u9577\uff08-b\uff09\u30922048bit\u3068\u3057\u3066\u304a\u304d\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo opendkim-genkey -b 2048 -d example.com -D \/etc\/opendkim\/keys\/example.com -s default<\/pre>\n<p>\u30ad\u30fc\u30da\u30a2\u30d5\u30a1\u30a4\u30eb\u306b\u554f\u984c\u306a\u3044\u304b\u78ba\u8a8d\u3002default.private\u3068default.txt\u304c\u4f5c\u6210\u3055\u308c\u3066\u3044\u308b\u306e\u3092\u78ba\u8a8d\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ ls -al \/etc\/opendkim\/keys\/example.com\/\r\ntotal 16\r\ndrwxr-xr-x 2 root root 4096 Apr  9 02:23 .\r\ndrwxr-xr-x 3 root root 4096 Apr  9 02:20 ..\r\n-rw------- 1 root root 1675 Apr  9 02:23 default.private\r\n-rw------- 1 root root  513 Apr  9 02:23 default.txt<\/pre>\n<p><strong>\u30ad\u30fc\u30da\u30a2\uff08\u79d8\u5bc6\u9375\uff0f\u516c\u958b\u9375\uff09\u30d5\u30a1\u30a4\u30eb\u306e\u6240\u6709\u8005\u5909\u66f4<\/strong><\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo chown -R opendkim:opendkim \/etc\/opendkim\/keys\/example.com\/<\/pre>\n<p>\u5909\u66f4\u78ba\u8a8d<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ ls -al \/etc\/opendkim\/keys\/example.com\/\r\ntotal 16\r\ndrwxr-xr-x 2 opendkim opendkim 4096 Apr  9 02:23 .\r\ndrwxr-xr-x 3 root     root     4096 Apr  9 02:20 ..\r\n-rw------- 1 opendkim opendkim 1675 Apr  9 02:23 default.private\r\n-rw------- 1 opendkim opendkim  513 Apr  9 02:23 default.txt<\/pre>\n<h4>DNS\u306e\u8a2d\u5b9a<\/h4>\n<p><strong>\u516c\u958b\u9375\u306e\u78ba\u8a8d<\/strong><\/p>\n<p>DNS\u30b5\u30fc\u30d0\u30fc\u3078\u767b\u9332\u3059\u308b\u516c\u958b\u9375\u306e\u60c5\u5831\u306f\u201ddefault.txt\u201d\u306b\u8a18\u8f09\u3055\u308c\u3066\u3044\u308b\u306e\u3067\u5185\u5bb9\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo cat \/etc\/opendkim\/keys\/example.com\/default.txt\r\ndefault._domainkey\tIN\tTXT\t( \"v=DKIM1; h=sha256; k=rsa; \"\r\n\t  \"p=MIIBIjANBakqhsiG6w0BAQEFAAOCAQ5AMIIBCgKCAQEA0LFZJSciP0bBwJyOqlNnyTPaHQY1mRaRxSttnNIdPbwuHD+HGcx8gPc4gTlMytnWUvo4IG7xCX7Aou3uf3hssnpNi5g2eoiGWIzGTQ9yIuaIrR51cMDbBeCWfkHmtLszfo8VwUCv2dTgkla4sX3umoeDIpjUMVbTXDtWQbZlnTnMD4CNCuTq9aXiUbEOhoV+VBDck+\/m3\/awFs\"\r\n\t  \"G6dECELfwPwFehTFl1TkNHIKa2VkbR2Z1Sw\/zmC3+51kFIEYe6lUFAgt50XFyzpoalKppxd8rbKNkIFwQOlXHGNUo0mLnSyX\/5NPIGky4sQRYxAOeQAZcBzsWSUCqOb1Iq+dud0QIDAQAB\" )  ; ----- DKIM key default for example.com<\/pre>\n<p>\u516c\u958b\u9375\u30d5\u30a1\u30a4\u30eb\u306b\u542b\u307e\u308c\u308b\u60c5\u5831\u306f\u4ee5\u4e0b\u306e\u3068\u304a\u308a\u3068\u306a\u308a\u3001\u3053\u308c\u3089\u3092DNS\u3078\u306e\u30ec\u30b3\u30fc\u30c9\u8a2d\u5b9a\u3092\u8ffd\u52a0\u3057\u3066\u3044\u304d\u307e\u3059\u3002<\/p>\n<table>\n<tbody>\n<tr>\n<td style=\"width: 10px;\">v=DKIM1<\/td>\n<td>key\u30ec\u30b3\u30fc\u30c9\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u756a\u53f7\uff08\u6307\u5b9a\u3059\u308b\u5834\u5408\u306fDKIM1\uff09<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10px;\">k=rsa<\/td>\n<td>\u96fb\u5b50\u7f72\u540d\u306e\u4f5c\u6210\u306b\u5229\u7528\u3067\u304d\u308b\u9375\u306e\u5f62\u5f0f\u3001DKIM\u3067\u306fRSA\u306e\u307f\u30b5\u30dd\u30fc\u30c8<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 10px;\">p=&#8230;.<\/td>\n<td>\u00a0\u516c\u958b\u9375\u30c7\u30fc\u30bf\uff08cat\u3067\u78ba\u8a8d\u3059\u308b\u3068\u3001\u201d\u3067\u5206\u5272\u3055\u308c\u3066\u3044\u308b\u53ef\u80fd\u6027\u3042\u308a\u3002\u7d50\u5408\u304c\u5fc5\u8981\uff09<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h5>DNS\u30b5\u30fc\u30d0\u30fc\u3078\u306e\u516c\u958b\u9375\u8a2d\u5b9a<\/h5>\n<p>\u516c\u958b\u9375\u3092DNS\u30b5\u30fc\u30d0\u30fc\u3078\u8a2d\u5b9a\u3057\u3066\u3044\u304d\u307e\u3059\u3002\u8a2d\u5b9a\u304c\u5fc5\u8981\u3068\u306a\u308b\u306e\u306f\u300c\u516c\u958b\u9375\u7528\u30ec\u30b3\u30fc\u30c9\u300d\u3068\u300cDKIM\u30dd\u30ea\u30b7\u30fc\u7528\u30ec\u30b3\u30fc\u30c9\u300d\u306e\uff12\u30ec\u30b3\u30fc\u30c9\u3067\u3059\u3002<\/p>\n<p>\u5404\u8a2d\u5b9a\u306f\u516c\u958b\u9375\u306e\u60c5\u5831\u3092\u5143\u306b\u8ffd\u52a0\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">&lt;\u30bb\u30ec\u30af\u30bf&gt;._domainkey.&lt;\u30c9\u30e1\u30a4\u30f3\u540d&gt;<\/pre>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">v=DKIM1; k=rsa; p=MIIBIjANBak.....<\/pre>\n<p>DNS\u30b5\u30fc\u30d0\u30fc\u3078\u516c\u958b\u9375\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<table>\n<tbody>\n<tr>\n<td style=\"width: 60px;\">\u30db\u30b9\u30c8\u540d<\/td>\n<td>default._domainkey.(example.com)<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 60px;\">TYPE<\/td>\n<td>TXT<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 60px;\">TTL<\/td>\n<td>500<\/td>\n<\/tr>\n<\/tr>\n<tr>\n<td style=\"width: 60px;\">VALUE<\/td>\n<td>v=DKIM1; k=rsa; p=MIIBIjANBak&#8230;..<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>\u304a\u540d\u524d\u30c9\u30c3\u30c8\u30b3\u30e0\u3067\u306f\u3001DNS\u306e\u30ec\u30b3\u30fc\u30c9\u8ffd\u52a0\u306f\u4ee5\u4e0b\u306e\u69d8\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.webcyou.com\/wp-content\/uploads\/2022\/05\/domainkey.png\" alt=\"\" width=\"671\" height=\"110\" class=\"alignnone size-full wp-image-11235\" srcset=\"https:\/\/www.webcyou.com\/wp-content\/uploads\/2022\/05\/domainkey.png 671w, https:\/\/www.webcyou.com\/wp-content\/uploads\/2022\/05\/domainkey-300x49.png 300w\" sizes=\"auto, (max-width: 671px) 100vw, 671px\" \/><\/p>\n<h5>DNS\u30b5\u30fc\u30d0\u30fc\u3078\u306eADSP\u30ec\u30b3\u30fc\u30c9\u306e\u767b\u9332<\/h5>\n<p>DKIM\u7f72\u540d\u304c\u6709\u52b9\u3067\u306a\u3044\u30e1\u30fc\u30eb\u306e\u6271\u3044\u3092\u8a2d\u5b9a\u3059\u308b\u305f\u3081\u306eADSP\u30ec\u30b3\u30fc\u30c9\u3092\u767b\u9332\u3057\u307e\u3059\u3002<\/p>\n<p>\u8a2d\u5b9a\u5024\u3068\u3057\u3066<\/p>\n<ul>\n<li>all<\/li>\n<li>unknown<\/li>\n<li>discardable<\/li>\n<\/ul>\n<p>\u3069\u308c\u304b\u3092\u8a2d\u5b9a\u3002<\/p>\n<table>\n<tbody>\n<tr>\n<td style=\"width: 60px;\">\u30db\u30b9\u30c8\u540d<\/td>\n<td>_adsp._domainkey.(example.com)<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 60px;\">TYPE<\/td>\n<td>TXT<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 60px;\">TTL<\/td>\n<td>500<\/td>\n<\/tr>\n<\/tr>\n<tr>\n<td style=\"width: 60px;\">VALUE<\/td>\n<td>dkim=unknown<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>\u304a\u540d\u524d\u30c9\u30c3\u30c8\u30b3\u30e0\u3067\u306f\u3001DNS\u306e\u30ec\u30b3\u30fc\u30c9\u8ffd\u52a0\u306f\u4ee5\u4e0b\u306e\u69d8\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.webcyou.com\/wp-content\/uploads\/2022\/05\/adsp.png\" alt=\"\" width=\"668\" height=\"110\" class=\"alignnone size-full wp-image-11236\" srcset=\"https:\/\/www.webcyou.com\/wp-content\/uploads\/2022\/05\/adsp.png 668w, https:\/\/www.webcyou.com\/wp-content\/uploads\/2022\/05\/adsp-300x49.png 300w\" sizes=\"auto, (max-width: 668px) 100vw, 668px\" \/><\/p>\n<h5>DNS\u30b5\u30fc\u30d0\u30fc DKIM\u8a2d\u5b9a\u78ba\u8a8d<\/h5>\n<p>DNS\u30b5\u30fc\u30d0\u30fc DKIM\u7528\u30ec\u30b3\u30fc\u30c9\u306eTXT\u30ec\u30b3\u30fc\u30c9\u306e\u8a2d\u5b9a\u5b8c\u4e86\u3057\u307e\u3057\u305f\u3089\u3001\u8a2d\u5b9a\u3067\u304d\u3066\u3044\u308b\u304b\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n<p>opendkim-testkey\u30b3\u30de\u30f3\u30c9\u3067\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo opendkim-testkey -d example.com -s default -vvv<\/pre>\n<p>key OK\u3068\u7d50\u679c\u304c\u8868\u793a\u3055\u308c\u308c\u3070\u8a2d\u5b9a\u306f\u5927\u4e08\u592b\u3067\u3059\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">opendkim-testkey: using default configfile \/etc\/opendkim.conf\r\nopendkim-testkey: checking key 'default._domainkey.example.com'\r\nopendkim-testkey: key not secure\r\nopendkim-testkey: key OK<\/pre>\n<p>3\u884c\u76ee\u306e\u7d50\u679c\u304c\u3001\u300ckey not secure\u300d\u3068\u306a\u3063\u3066\u3044\u307e\u3059\u304c\u3001DNSSEC\u3092\u5229\u7528\u3057\u3066\u3044\u306a\u3044\u5834\u5408\u306b\u305d\u306e\u7d50\u679c\u3068\u306a\u308a\u307e\u3059\u306e\u3067\u3001\u4e00\u65e6\u306f\u30b9\u30eb\u30fc\u3067\u8ffd\u3063\u3066\u8a2d\u5b9a\u3057\u3066\u3044\u304d\u307e\u3059\u3002<\/p>\n<p>\u305d\u306e\u4ed6\u3001dig\u30b3\u30de\u30f3\u30c9\u3092\u7528\u3044\u3066\u78ba\u8a8d\u3082\u884c\u3048\u307e\u3059\u3002<\/p>\n<p><strong>\u516c\u958b\u9375\u306e\u78ba\u8a8d<\/strong><\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ dig default._domainkey.example.com txt<\/pre>\n<p>\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u5fdc\u7b54\u304c\u3042\u308c\u3070\u3001\u6b63\u5e38\u306b\u8a2d\u5b9a\u304c\u5b8c\u4e86<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">; &lt;&lt;&gt;&gt; DiG 9.16.1-Ubuntu &lt;&lt;&gt;&gt; default._domainkey.example.com txt\r\n;; global options: +cmd\r\n;; Got answer:\r\n;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, status: NOERROR, id: 22532\r\n;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1\r\n\r\n;; OPT PSEUDOSECTION:\r\n; EDNS: version: 0, flags:; udp: 65494\r\n;; QUESTION SECTION:\r\n;default._domainkey.example.com. IN TXT\r\n\r\n;; ANSWER SECTION:\r\ndefault._domainkey.example.com. 500 IN TXT &quot;v=DKIM1; k=rsa; p=MIIBIjANBdkfgfaG2w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdFb8A\/h6OJ\/vMa5KVros3OCNj32VRW9Eq9Hf6a2e1xxzH34FlhN8bG8nF3+veDDN0ACzDpfeJCsXmCkkSBOP2yPGuOa\/QwDrzWEv1u0sAnTBVmtmp4URwVsxo02Wjpod\/3TEFa6fjIj+o2e4BaBasHrN+H1A2H2My8wFccHSQ2WnbYR1IPdjwUsMndLNCKtn&quot; &quot;p12LUVPY+i+1e&quot;\r\n\r\n;; Query time: 164 msec\r\n;; SERVER: 127.0.0.53#53(127.0.0.53)\r\n;; WHEN: Sat Apr 09 02:39:15 JST 2022\r\n;; MSG SIZE  rcvd: 347<\/pre>\n<p><strong>DKIM\u30dd\u30ea\u30b7\u30fc\u30ec\u30b3\u30fc\u30c9\uff08ADSP\uff09\u306e\u78ba\u8a8d<\/strong><\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ dig _adsp._domainkey.example.com txt<\/pre>\n<p>\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u5fdc\u7b54\u304c\u3042\u308c\u3070\u3001\u6b63\u5e38\u306b\u8a2d\u5b9a\u304c\u5b8c\u4e86<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">; &lt;&lt;&gt;&gt; DiG 9.16.1-Ubuntu &lt;&lt;&gt;&gt; _adsp._domainkey.example.com txt\r\n;; global options: +cmd\r\n;; Got answer:\r\n;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, status: NOERROR, id: 40779\r\n;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1\r\n\r\n;; OPT PSEUDOSECTION:\r\n; EDNS: version: 0, flags:; udp: 65494\r\n;; QUESTION SECTION:\r\n;_adsp._domainkey.example.com. IN\tTXT\r\n\r\n;; ANSWER SECTION:\r\n_adsp._domainkey.example.com. 500\tIN TXT\t&quot;dkim=unknown&quot;\r\n\r\n;; Query time: 164 msec\r\n;; SERVER: 127.0.0.53#53(127.0.0.53)\r\n;; WHEN: Sat Apr 09 02:39:47 JST 2022\r\n;; MSG SIZE  rcvd: 88<\/pre>\n<p>\u305d\u306e\u4ed6\u3001\u30a6\u30a7\u30d6\u30b5\u30fc\u30d3\u30b9\u3067\u3082DKIM\u30c1\u30a7\u30c3\u30af\u304c\u884c\u3048\u307e\u3059\u3002<\/p>\n<p><a href=\"https:\/\/mxtoolbox.com\/\" rel=\"noopener\" target=\"_blank\">https:\/\/mxtoolbox.com\/<\/a><\/p>\n<h4>opendkim\u306e\u8a2d\u5b9a<\/h4>\n<p>DKIM\u3092\u5229\u7528\u3059\u308b\u305f\u3081<\/p>\n<p>&#8211; opendkim\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<br \/>\n&#8211; \u96fb\u5b50\u7f72\u540d\u7528\u30d5\u30a1\u30a4\u30eb\u306e\u4f5c\u6210<br \/>\n&#8211; DNS\u3078\u306e\u516c\u958b\u9375\u767b\u9332<\/p>\n<p>\u307e\u3067\u7d42\u308f\u308a\u307e\u3057\u305f\u306e\u3067\u3001opendkim\u306e\u8a2d\u5b9a\u3092\u884c\u3063\u3066\u3044\u304d\u307e\u3059\u3002<\/p>\n<h5>OpenDKIM\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u7de8\u96c6<\/h5>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo vim \/etc\/opendkim.conf<\/pre>\n<p>\u4e0b\u8a183\u884c\u3092\u30b3\u30e1\u30f3\u30c8\u3092\u5916\u3057\u3001Canonicalization\u306e\u30d1\u30e9\u30e1\u30fc\u30bf <strong>simple \u2192 relaxe\/simple<\/strong> \u306b\u5909\u66f4<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\"># Commonly-used options; the commented-out versions show the defaults.\r\n#Canonicalization simple\r\n#Mode sv\r\n#SubDomains no\r\n\r\n\u2193\r\n\r\nCanonicalization relaxed\/simple\r\nMode sv\r\nSubDomains no<\/pre>\n<p>Socket\u306e\u7b87\u6240\u3082\u30b3\u30e1\u30f3\u30c8\u30a2\u30a6\u30c8\u3092\u5909\u66f4\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">Socket inet:8892@localhost\r\n#Socket local:\/run\/opendkim\/opendkim.sock<\/pre>\n<p>\u4e0b\u8a18\u3092\u672b\u5c3e\u306b\u8ffd\u52a0\u3057\u307e\u3059<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">KeyTable refile:\/etc\/opendkim\/key.table\r\nSigningTable refile:\/etc\/opendkim\/signing.table\r\nExternalIgnoreList \/etc\/opendkim\/trusted.hosts\r\nInternalHosts \/etc\/opendkim\/trusted.hosts<\/pre>\n<p>xternalIgnoreList\u3068InternalHosts\u306e\u30d1\u30e9\u30e1\u30fc\u30bf\u304c\u540c\u3058\u3067\u3059\u304c\u3001\u4ee5\u4e0b\u306e\u3068\u304a\u308a\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n<ul>\n<li>ExternalIgnoreList: \u30ed\u30fc\u30ab\u30eb\u30db\u30b9\u30c8\u304b\u3089\u30ed\u30fc\u30ab\u30eb\u30db\u30b9\u30c8\u306b\u914d\u9001\u3055\u308c\u308b\u30e1\u30fc\u30eb\u306f\u8a8d\u8a3c\u4e0d\u8981<\/li>\n<li>InternalHosts: \u30ed\u30fc\u30ab\u30eb\u30db\u30b9\u30c8\u304b\u3089\u5916\u90e8\u306b\u30e1\u30fc\u30eb\u3092\u914d\u9001\u3059\u308b\u5834\u5408\u306b\u306f\u8a8d\u8a3c\u304c\u5fc5\u9808<\/li>\n<\/ul>\n<h5>Signing Table\u4f5c\u6210<\/h5>\n<p><strong>\/etc\/opendkim\/signing.table<\/strong>\u3092\u4f5c\u6210\u3002opendkim.comf\u306e SighningTable\u30c7\u30a3\u30ec\u30af\u30c6\u30a3\u30d6<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo vim \/etc\/opendkim\/signing.table<\/pre>\n<p>\u30c9\u30e1\u30a4\u30f3\u540d\u306f\u8a2d\u5b9a\u3057\u3066\u3044\u308b\u30c9\u30e1\u30a4\u30f3\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">*@example.com default._domainkey.example.com<\/pre>\n<h5>Key Table\u4f5c\u6210<\/h5>\n<p><strong>\/etc\/opendkim\/key.table<\/strong>\u3092\u4f5c\u6210\u3002opendkim.comf\u306eKeyTable\u30c7\u30a3\u30ec\u30af\u30c6\u30a3\u30d6<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo vim \/etc\/opendkim\/key.table<\/pre>\n<p>\u8a18\u8ff0\u65b9\u6cd5\u306f\u4ee5\u4e0b\u306e\u901a\u308a\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">&#x5B;\u30bb\u30ec\u30af\u30bf\u540d]._domainkey.&#x5B;\u30c9\u30e1\u30a4\u30f3\u540d] &#x5B;\u30c9\u30e1\u30a4\u30f3\u540d]:&#x5B;\u30bb\u30ec\u30af\u30bf\u540d]:&#x5B;\u79d8\u5bc6\u9375\u3078\u306e\u30d1\u30b9]<\/pre>\n<p>\u30c9\u30e1\u30a4\u30f3\u540d\u306f\u8a2d\u5b9a\u3057\u3066\u3044\u308b\u30c9\u30e1\u30a4\u30f3\u3092\u8a18\u8ff0\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">default._domainkey.example.com example.com:default:\/etc\/opendkim\/keys\/example.com\/default.private<\/pre>\n<h5>Trusted Hosts\u4f5c\u6210<\/h5>\n<p><strong>\/etc\/opendkim\/trusted.table<\/strong> \u3092\u4f5c\u6210\u3002<\/p>\n<p>opendkim.comf\u306e ExternalIgnoreList\u3001InternalHosts\u30c7\u30a3\u30ec\u30af\u30c6\u30a3\u30d6<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo vim \/etc\/opendkim\/trusted.hosts<\/pre>\n<p>\u30e1\u30fc\u30eb\u9001\u53d7\u4fe1\u3092\u884c\u3046\u5185\u90e8\u30b5\u30fc\u30d0\u3092\u5bfe\u8c61<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">127.0.0.1\r\nlocahost<\/pre>\n<p>\u4e0a\u8a18\u4ee5\u5916\u306e\u4ed6\u306e\u30c9\u30e1\u30a4\u30f3\u6307\u5b9a\u4f8b<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">*.example.com<\/pre>\n<h5>opendkim\u8d77\u52d5<\/h5>\n<p>opendkim\u3092\u8d77\u52d5\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo systemctl start opendkim<\/pre>\n<p>\u30a8\u30e9\u30fc\u304c\u51fa\u529b\u3055\u308c\u306a\u3051\u308c\u3070\u3001opendkim\u306f\u8d77\u52d5\u6210\u529f\u3001\u30b5\u30fc\u30d3\u30b9\u306e\u72b6\u614b\u3092\u78ba\u8a8d\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ systemctl status opendkim\r\n\u25cf opendkim.service - OpenDKIM DomainKeys Identified Mail (DKIM) Milter\r\n     Loaded: loaded (\/lib\/systemd\/system\/opendkim.service; enabled; vendor preset: enabled)\r\n     Active: active (running) since Thu 2022-04-07 00:14:59 JST; 2 days ago\r\n       Docs: man:opendkim(8)\r\n             man:opendkim.conf(5)\r\n             man:opendkim-genkey(8)\r\n             man:opendkim-genzone(8)\r\n             man:opendkim-testadsp(8)\r\n             man:opendkim-testkey\r\n             http:\/\/www.opendkim.org\/docs.html\r\n   Main PID: 218436 (opendkim)\r\n      Tasks: 6 (limit: 1066)\r\n     Memory: 4.3M\r\n     CGroup: \/system.slice\/opendkim.service\r\n             \u2514\u2500218436 \/usr\/sbin\/opendkim -x \/etc\/opendkim.conf<\/pre>\n<h5>opendkim\u81ea\u52d5\u8d77\u52d5\u8a2d\u5b9a<\/h5>\n<p>\u30b5\u30fc\u30d0\u30fc\u306e\u518d\u8d77\u52d5\u3084\u505c\u6b62\u306e\u5fa9\u65e7\u6642\u306b\u3001opendkim\u304c\u81ea\u52d5\u7684\u306b\u8d77\u52d5\u8a2d\u5b9a<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo systemctl enable opendkim<\/pre>\n<h5>Postfix\u8a2d\u5b9a\u5909\u66f4<\/h5>\n<p>\u7d9a\u3044\u3066\u3001Postfix\u306e\u8a2d\u5b9a\u3082\u5909\u66f4\u3057\u3066\u3044\u304d\u307e\u3059\u3002<\/p>\n<p><strong>\/etc\/postfix\/main.cf<\/strong> \u3092\u4fee\u6b63<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo vim \/etc\/postfix\/main.cf<\/pre>\n<p>SMTP\u63a5\u7d9a\u6642\u306bDKIM\u3092\u5229\u7528\u3059\u308b\u8a2d\u5b9a\u30d1\u30e9\u30e1\u30fc\u30bf\u3001opendkim\u7528\u8a2d\u5b9a\u3092\u6700\u4e0b\u90e8\u306b\u8ffd\u52a0<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">### DKIM Settings\r\nsmtpd_milters = inet:127.0.0.1:8892\r\nnon_smtpd_milters = $smtpd_milters\r\nmilter_default_action = accept<\/pre>\n<p>Postfix\u306e\u8a2d\u5b9a\u306f\u5b8c\u4e86\u3002Postfix\u3068OpenDKIM\u518d\u8d77\u52d5\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">$ sudo systemctl restart postfix opendkim<\/pre>\n<p>\u30e1\u30fc\u30eb\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u30a2\u30d7\u30ea <a href=\"https:\/\/www.thunderbird.net\/ja\/)\" target=\"_blank\" rel=\"noopener\">Thunderbird<\/a> \u3092\u5229\u7528\u3057\u3066\u78ba\u8a8d\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.webcyou.com\/wp-content\/uploads\/2022\/05\/dkim_pass.png\" alt=\"\" width=\"249\" height=\"81\" class=\"alignnone size-full wp-image-11237\" \/><\/p>\n<p>DKIM\u304c\u8a2d\u5b9a\u3055\u308c\u3066\u3044\u308b\u306e\u3092\u78ba\u8a8d\u3067\u304d\u307e\u3059\u3002\u6700\u5f8c\u306bDMARC\u306e\u8a2d\u5b9a\u3092\u884c\u3063\u3066\u3044\u304d\u307e\u3059\u3002<\/p>\n<h5>DMARC\u306e\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7<\/h5>\n<p>DMARC\u3067\u306fDNS\u306bDMARC\u30ec\u30b3\u30fc\u30c9\u3092\u8ffd\u52a0\u3057\u307e\u3059<\/p>\n<p>\u8a2d\u5b9a\u5bfe\u8c61\u306e\u30c9\u30e1\u30a4\u30f3\u306b\u4e0b\u8a18\u7528\u306e\u3088\u3046\u306aTXT\u30ec\u30b3\u30fc\u30c9\u3092\u8ffd\u52a0\u3057\u307e\u3059<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">_dmarc TXT \"v=DMARC1; p=none; pct=100; adkim=r; aspf=r\"<\/pre>\n<table>\n<tbody>\n<tr>\n<td style=\"width: 60px;\">\u30db\u30b9\u30c8\u540d<\/td>\n<td>_dmarc.(example.com)<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 60px;\">TYPE<\/td>\n<td>TXT<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 60px;\">TTL<\/td>\n<td>300<\/td>\n<\/tr>\n<\/tr>\n<tr>\n<td style=\"width: 60px;\">VALUE<\/td>\n<td>v=DMARC1; p=none; pct=100; adkim=r; aspf=r<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>\u304a\u540d\u524d\u30c9\u30c3\u30c8\u30b3\u30e0\u306e\u8a2d\u5b9a\u4f8b<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.webcyou.com\/wp-content\/uploads\/2022\/05\/dmarc.png\" alt=\"\" width=\"677\" height=\"112\" class=\"alignnone size-full wp-image-11238\" srcset=\"https:\/\/www.webcyou.com\/wp-content\/uploads\/2022\/05\/dmarc.png 677w, https:\/\/www.webcyou.com\/wp-content\/uploads\/2022\/05\/dmarc-300x50.png 300w\" sizes=\"auto, (max-width: 677px) 100vw, 677px\" \/><\/p>\n<p>\u6700\u4f4e\u9650\u3001\u3053\u3053\u307e\u3067\u884c\u3048\u3070DMARC\u306fPASS\u3055\u308c\u307e\u3059\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.webcyou.com\/wp-content\/uploads\/2022\/05\/all_pass.png\" alt=\"\" width=\"120\" height=\"228\" class=\"alignnone size-full wp-image-11239\" \/><\/p>\n<p>\u4e00\u65e6\u3001\u3053\u3053\u307e\u3067\u3067\u3001\u30e1\u30fc\u30eb\u9001\u4fe1\u306f\u3001SPF\u3001DKIM\u3001DMARC\u306fPASS\u3055\u308c\u3088\u308a\u30bb\u30ad\u30e5\u30a2\u306a\u9001\u4fe1\u304c\u884c\u3048\u307e\u3059\u3002<\/p>\n<p>\u304d\u3061\u3093\u3068DMARC\u306e\u8a2d\u5b9a\u3092\u884c\u3046\u5fc5\u8981\u3082\u3042\u308a\u307e\u3059\u304c\u3001\u5f8c\u307b\u3069\u306b\u3067\u3082\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u524d\u56de\u306eUbuntu 20.04 LTS \u30b5\u30fc\u30d0\u69cb\u7bc9 \u2013 Postfix Let\u2019s Encrypt\u3067TLS\u5316\u306e\u7d9a\u304d\u3067\u3059\u3002 \u4eca\u56de\u306fOpenDKIM\u3092\u7528\u3044\u3066DKIM\u3001DMARC\u3092\u8a2d\u5b9a\u3057\u3066\u3044\u304d\u307e\u3059\u3002 \u30e1\u30cb\u30e5\u30fc Ubuntu 2 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":11192,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[248],"tags":[221,44,45,293],"class_list":{"0":"post-11234","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","6":"hentry","7":"category-ubuntu","8":"tag-linux","9":"tag-web","11":"tag-293"},"_links":{"self":[{"href":"https:\/\/www.webcyou.com\/index.php?rest_route=\/wp\/v2\/posts\/11234","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.webcyou.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.webcyou.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.webcyou.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.webcyou.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=11234"}],"version-history":[{"count":4,"href":"https:\/\/www.webcyou.com\/index.php?rest_route=\/wp\/v2\/posts\/11234\/revisions"}],"predecessor-version":[{"id":11265,"href":"https:\/\/www.webcyou.com\/index.php?rest_route=\/wp\/v2\/posts\/11234\/revisions\/11265"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.webcyou.com\/index.php?rest_route=\/wp\/v2\/media\/11192"}],"wp:attachment":[{"href":"https:\/\/www.webcyou.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=11234"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.webcyou.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=11234"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.webcyou.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=11234"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}