\u6539\u3081\u3066\u30de\u30eb\u30c1\u30c9\u30e1\u30a4\u30f3\u9375\u4ed5\u69d8\u3067\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u307e\u3059\u3002<\/p>\n
@mail.example.net\u306e\u3068\u304d\u306f\u30db\u30b9\u30c8\u56fa\u6709\u9375\u3092\u4f7f\u3044\u3001@example.net\u306e\u3068\u304d\u306f\u30c7\u30d5\u30a9\u30eb\u30c8\u9375\u3092\u4f7f\u3046\u3088\u3046\u306b\u3057\u307e\u3059\u3002<\/p>\n
\r\npkg install -y opendkim\r\nsysrc milteropendkim_enable=YES\r\n<\/pre>\n\/usr\/local\/etc\/mail\/opendkim.conf<\/h4>\n
\r\n--- opendkim.conf.sample 2026-01-17 00:20:21.000000000 +0900\r\n+++ opendkim.conf 2026-02-23 02:57:04.833756208 +0900\r\n@@ -159,7 +159,7 @@\r\n ## Specify for which domain(s) signing should be done. No default; must\r\n ## be specified for signing.\r\n\r\n-Domain example.com\r\n+Domain example.net\r\n\r\n ## DomainKeysCompat { yes | no }\r\n ## default "no"\r\n@@ -244,7 +244,7 @@\r\n ## SigningTable and KeyTable are used. No default; must be specified for\r\n ## signing if SigningTable\/KeyTable are not in use.\r\n\r\n-KeyFile \/var\/db\/dkim\/example.private\r\n+# KeyFile \/var\/db\/dkim\/example.private\r\n\r\n ## KeyTable dataset\r\n ## default (none)\r\n@@ -255,7 +255,7 @@\r\n ## a base64-encoded DER format private key, or a path to a file containing\r\n ## one of those.\r\n\r\n-# KeyTable dataset\r\n+KeyTable refile:\/usr\/local\/etc\/mail\/KeyTable\r\n\r\n ## LogWhy { yes | no }\r\n ## default "no"\r\n@@ -501,7 +501,7 @@\r\n ## failure reports. By default, the e-mail address of the user executing\r\n ## the filter is used.\r\n\r\n-# ReportAddress "DKIM Error Postmaster" <postmaster@example.com>\r\n+ReportAddress "DKIM Error Postmaster" <postmaster@example.net>\r\n\r\n ## ReportBccAddress addr\r\n ## default (none)\r\n@@ -569,7 +569,7 @@\r\n ## The name of the selector to use when signing. No default; must be\r\n ## specified for signing.\r\n\r\n-Selector my-selector-name\r\n+Selector mail\r\n\r\n ## SenderHeaders dataset\r\n ## default (none)\r\n@@ -629,7 +629,7 @@\r\n ## is set, all possible lookup keys will be attempted which may result\r\n ## in multiple signatures being applied.\r\n\r\n-# SigningTable filename\r\n+SigningTable refile:\/usr\/local\/etc\/mail\/SigningTable\r\n\r\n ## SingleAuthResult { yes | no}\r\n ## default "no"\r\n@@ -657,7 +657,7 @@\r\n ## inet:port to listen on all interfaces\r\n ## local:\/path\/to\/socket to listen on a UNIX domain socket\r\n\r\n-Socket inet:port@localhost\r\n+Socket local:\/var\/run\/milteropendkim\/socket\r\n\r\n ## SoftwareHeader { yes | no }\r\n ## default "no"\r\n@@ -760,4 +760,4 @@\r\n ## Change to user "userid" before starting normal operation? May include\r\n ## a group ID as well, separated from the userid by a colon.\r\n\r\n-# UserID userid\r\n+UserID mailnull:mailnull\r\n<\/pre>\n\u9375\u306e\u4f5c\u6210<\/h3>\n
roles\/freebsd\/tasks\/opendkim.yaml<\/h4>\n
\r\n- name: opendkim-genkey host selector\r\n command: |\r\n \/usr\/local\/sbin\/opendkim-genkey -b 2048 -D \/var\/db\/dkim -d {{ inventory_hostname }} -s {{ inventory_hostname.split('.')[0] }}\r\n\r\n- name: opendkim-genkey default selector\r\n command: |\r\n \/usr\/local\/sbin\/opendkim-genkey -b 2048 -D \/var\/db\/dkim -d example.net -s default\r\n<\/pre>\n\u9375\u306e\u8a2d\u5b9a<\/h3>\n
\/usr\/local\/etc\/mail\/KeyTable<\/h4>\n
\r\ndefault._domainkey.example.net example.net:default:\/var\/db\/dkim\/default.private\r\nmail._domainkey.example.net example.net:mail:\/var\/db\/dkim\/mail.private\r\n<\/pre>\n\/usr\/local\/etc\/mail\/SigningTable<\/h4>\n
\r\n*@example.net default._domainkey.example.net\r\n*@mail.example.net mail._domainkey.example.net\r\n<\/pre>\nSendmail\u306e\u8a2d\u5b9a<\/h3>\n
\/etc\/mail\/sendmail.cf<\/h4>\n
\r\n+ O InputMailFilters=dkim-milter\r\n+ Xdkim-milter, S=local:\/var\/run\/milteropendkim\/socket, F=T, T=R:2m\r\n<\/pre>\nDNS\u306e\u8a2d\u5b9a<\/h3>\n
\/usr\/local\/etc\/namedb\/primary\/example.net.zone<\/h4>\n
\r\n+ $INCLUDE \/var\/db\/dkim\/default.txt\r\n+ $INCLUDE \/var\/db\/dkim\/mail.txt\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"\u6539\u3081\u3066\u30de\u30eb\u30c1\u30c9\u30e1\u30a4\u30f3\u9375\u4ed5\u69d8\u3067\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u307e\u3059\u3002 \u524d\u63d0 OS: FreeBSD MTA: Sendmail \u30e1\u30fc\u30eb\u30c9\u30e1\u30a4\u30f3: @example.net\/@mail.example.net \u30e1\u30fc\u30eb\u30b5\u30fc\u30d0\u30fc: mail.ex\u2026 \u7d9a\u304d\u3092\u8aad\u3080 »<\/a><\/span><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3],"tags":[],"class_list":["post-3115","post","type-post","status-publish","format-standard","hentry","category-freebsd"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/posts\/3115"}],"collection":[{"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/comments?post=3115"}],"version-history":[{"count":16,"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/posts\/3115\/revisions"}],"predecessor-version":[{"id":3139,"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/posts\/3115\/revisions\/3139"}],"wp:attachment":[{"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/media?parent=3115"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/categories?post=3115"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/tags?post=3115"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}