碁打ち向け交流アプリ

sudo dnf install postfix -y
sudo dnf install s-nail -y
sudo systemctl enable postfix
sudo systemctl status postfix

sudo tail -f /var/log/maillog

echo "Test mail from Postfix" | mail -s "Test" kyo.trainee.sys.202205@gmail.com
→メールが届かない

spf設定
txt v=spf1 a mx ip4:85.131.249.57 ~all

sudo dnf install -y oracle-epel-release-el9
sudo dnf config-manager --enable ol9_codeready_builder
sudo dnf provides '/libmilter.so.'
sudo dnf install -y sendmail
sudo dnf install -y libmilter libmemcached-libs
sudo dnf install -y libmemcached libmemcached-libs
sudo dnf install -y opendkim opendkim-tools --nobest

sudo mkdir -p /etc/opendkim/keys/test.igovote.net
sudo chown -R opendkim:opendkim /etc/opendkim
sudo chmod go-rwx /etc/opendkim/keys/test.igovote.net

sudo opendkim-genkey -D /etc/opendkim/keys/test.igovote.net/ -d test.igovote.net -s default-go
sudo chown opendkim:opendkim /etc/opendkim/keys/test.igovote.net/default-go.private

/etc/opendkim.conf（改訂版）

# バックアップ
sudo cp -a /etc/opendkim.conf /etc/opendkim.conf.bak.$(date +%F-%H%M%S)

# 最小構成へ置換（TrustedHosts→InternalHosts/ExternalIgnoreList、Selector削除）
sudo bash -c 'cat >/etc/opendkim.conf' <<'CONF'
Syslog                  yes
UMask                   002
Canonicalization        relaxed/simple
Mode                    sv
UserID                  opendkim:opendkim
PidFile                 /run/opendkim/opendkim.pid
Socket                  inet:8891@127.0.0.1
KeyTable                file:/etc/opendkim/KeyTable
SigningTable            refile:/etc/opendkim/SigningTable
InternalHosts           file:/etc/opendkim/TrustedHosts
ExternalIgnoreList      file:/etc/opendkim/TrustedHosts
CONF

/etc/opendkim/KeyTable

mail._domainkey.test.igovote.net test.igovote.net:mail:/etc/opendkim/keys/test.igovote.net/mail.private

/etc/opendkim/SigningTable

*@test.igovote.net mail._domainkey.test.igovote.net

/etc/opendkim/TrustedHosts

127.0.0.1
::1
localhost
85.131.249.57

Postfix連携（/etc/postfix/main.cf 末尾。二重になって結局修正したのでチェックしながら。）

milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = inet:127.0.0.1:8891

有効化

sudo systemctl enable --now opendkim
sudo systemctl restart postfix

公開鍵を設定する
確認
dig mail._domainkey.test.igovote.net TXT +short

echo "DKIM test" | mail -s "dkim test" your@gmail.com

opendkimログ
sudo journalctl -u opendkim -n 50 --no-pager

sudo journalctl -u postfix -n 50 --no-pager

確認メール

printf 'From: no-reply@test.igovote.net\nTo: kyo.trainee.sys.202205@gmail.com\nSubject: DKIM check\n\nbody\n' \
| /usr/sbin/sendmail.postfix -v -i -f no-reply@test.igovote.net -t

1. どの sendmail が使われているか確認
   ls -l /usr/sbin/sendmail*
   sudo alternatives --display mta 2>/dev/null || true

→ 出力で /usr/sbin/sendmail が sendmail 本家を指していた（/usr/sbin/sendmail.sendmail など）。

2. Postfix に切り替え
   sudo alternatives --set mta /usr/sbin/sendmail.postfix

コマンド

# === 基本 ===
sudo hostnamectl set-hostname test.igovote.net
echo '127.0.0.1 test.igovote.net' | sudo tee -a /etc/hosts

# === Postfix 設定 ===
sudo sed -i '/^myhostname\s*=/d;/^myorigin\s*=/d;/^smtp_helo_name\s*=/d' /etc/postfix/main.cf
sudo postconf -e 'myhostname = test.igovote.net'
sudo postconf -e 'myorigin = test.igovote.net'
sudo postconf -e 'smtp_helo_name = test.igovote.net'
sudo postconf -e 'smtpd_milters = inet:127.0.0.1:8891'
sudo postconf -e 'non_smtpd_milters = inet:127.0.0.1:8891'

# === sendmail を Postfix に切替 ===
sudo alternatives --set mta /usr/sbin/sendmail.postfix || sudo ln -sf /usr/sbin/sendmail.postfix /usr/sbin/sendmail

# === OpenDKIM 設定 ===
sudo cp -a /etc/opendkim.conf /etc/opendkim.conf.bak.$(date +%F-%H%M%S)
sudo bash -c 'cat >/etc/opendkim.conf' <<'CONF'
Syslog                  yes
UMask                   002
Canonicalization        relaxed/simple
Mode                    sv
UserID                  opendkim:opendkim
PidFile                 /run/opendkim/opendkim.pid
Socket                  inet:8891@127.0.0.1
KeyTable                file:/etc/opendkim/KeyTable
SigningTable            refile:/etc/opendkim/SigningTable
InternalHosts           file:/etc/opendkim/TrustedHosts
ExternalIgnoreList      file:/etc/opendkim/TrustedHosts
LogWhy                  yes
CONF

# === DKIM 鍵作成（selector: default-go / d=test.igovote.net）===
sudo mkdir -p /etc/opendkim/keys/test.igovote.net
sudo opendkim-genkey -D /etc/opendkim/keys/test.igovote.net/ -d test.igovote.net -s default-go
sudo chown -R opendkim:opendkim /etc/opendkim
sudo chmod 600 /etc/opendkim/keys/test.igovote.net/default-go.private
sudo chmod go-rwx /etc/opendkim/keys/test.igovote.net

# === テーブル類 ===
sudo bash -c 'cat >/etc/opendkim/SigningTable' <<'SIGN'
*@test.igovote.net         default-go._domainkey.test.igovote.net
SIGN
sudo bash -c 'cat >/etc/opendkim/KeyTable' <<'KEY'
default-go._domainkey.test.igovote.net test.igovote.net:default-go:/etc/opendkim/keys/test.igovote.net/default-go.private
KEY
sudo bash -c 'cat >/etc/opendkim/TrustedHosts' <<'TRUST'
127.0.0.1
::1
localhost
test.igovote.net
85.131.249.57
TRUST
sudo sed -i 's/\r$//' /etc/opendkim/SigningTable /etc/opendkim/KeyTable /etc/opendkim/TrustedHosts

# === 再起動 ===
sudo systemctl restart opendkim
sudo systemctl restart postfix

# === 動作確認 ===
sudo ss -ltnp | grep 8891
postconf -n | grep -i milter
sudo journalctl -u opendkim -n 50 --no-pager
sudo journalctl -u postfix  -n 50 --no-pager

# === 送信テスト（非対話）===
printf 'From: no-reply@test.igovote.net\nTo: you@gmail.com\nSubject: DKIM check\n\nbody\n' \
| /usr/sbin/sendmail.postfix -v -i -f no-reply@test.igovote.net -t