OpenDKIM with ED25519 keys
Generate keys #!/bin/bash # Check if required arguments are provided if [ $# -ne 2 ]; then echo "Usage: $0 <DOMAIN> <SELECTOR>" exit 1 fi # Set variables DOMAIN=$1 SELECTOR=$2 PRIVATE_KEY_FILE="${SELECTOR}.private" # Generate Ed25519 private key echo "Generating private key for ${DOMAIN} ${SELECTOR}" openssl genpkey -algorithm ed25519 -out "${PRIVATE_KEY_FILE}" # Generate public key and DKIM record echo "Generating public key and DKIM record for ${SELECTOR}._domainkey.${DOMAIN}" PUBLIC_KEY=$(openssl pkey -in "${PRIVATE_KEY_FILE}" -pubout) DKIM_RECORD="v=DKIM1; k=ed25519; s=${SELECTOR}; p=$(echo "${PUBLIC_KEY}" | openssl asn1parse -offset 12 -noout -out /dev/stdout | openssl base64 -A)" # Print DKIM record echo "${SELECTOR}._domainkey.${DOMAIN}. IN TXT \"${DKIM_RECORD}\"" > ${SELECTOR}.txt Update DNS records Create the DNS record for the selector in the DNS management console of your domain registrar. The record should be of type TXT and the value should be the content of the file generated in the <SELECTOR>.txt file. ...