SPF (Sender Policy Framework)
links: wiki syntax tools validator RFC 4408
DNS records
domain.tld IN TXT v=spf1 ip4:ipAddress ~all
# domain.tld IN SPF v=spf1 ip4:ipAddress ~allwhere:
ip4:ipAddress - Allowed IP for send
DKIM (DomainKeys Identified Mail)
links: wiki validator RFC 4871
generate DKIM keys
mkdir /etc/exim4/dkim
cd /etc/exim4/dkim
# private key
openssl genrsa -out domain.tld.key 1024
# public key
openssl rsa -in domain.tld.key -pubout > domain.tld.pub
# permissions
chown -R Debian-exim:Debian-exim /etc/exim4/dkim/
chmod 640 /etc/exim4/dkim/*configure exim
configure exim for internet site
dpkg-reconfigure exim4-configedit config: /etc/exim4/update-exim4.conf.conf
or (if u use splitted config) /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp
add this line:
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_KEY_FILE = /etc/exim4/dkim/domain.tld.key
DKIM_PRIVATE_KEY = ${if exists{DKIM_KEY_FILE}{DKIM_KEY_FILE}{0}}
DKIM_SELECTOR = mailrestart exim
/etc/init.d/exim4 restartDNS records
mail._domainkey IN TXT v=DKIM1; k=rsa; p=publicKeywhere:
p=publicKey - u public key without new line breaks and comments (/etc/exim4/dkim/domain.tld.pub)
mail._domainkey - DKIM_SELECTOR from exim config