On Sun, Sep 3, 2017 at 13:56 Wietse Venema <[email protected]> wrote:
> Tom Browder: > > Does everyone agree with pgndev's detailed cookbook recipe? > > No, that advice is incorrect. > > 1) Specify the opendkim '-u' option with an account that is not > used by anything else. Not postfix. Not wwww. Not your personal > account. Choosing 'opendkim' sounds like a good choice. 2) Make opendkim files/directories owned by root and writable > only by root. > > 3) Start opendkim as root (DO NOT use systemd user/group settings), Do you use a simple init.d script for system reboots? Or a proper systemd service file that does the right thing? I notice there is a contributed systemd service file with the opendkim source. -Tom
