Tom Browder: > On 3 September 2017 at 12:08, pgndev <pgnet....@gmail.com> wrote: > ... > > Thanks for all the responses. > > Does everyone agree with pgndev's detailed cookbook recipe?
No, that advice is incorrect. 1) Specify the opendkim '-u' option with an account that is not used by anything else. Not postfix. Not wwww. Not your personal account. 2) Make opendkim files/directories owned by root and writable only by root. 3) Start opendkim as root (DO NOT use systemd user/group settings), Don't believe info from archwiki or other non-Postfix sites. They give bad advice such as sharing groups with Postfix or making opendkim files writable by the opendkim process. Wietse