Forge Home


Configures OpenDKIM


11,868 latest version

4.6 quality score

Version information

  • 0.0.7 (latest)
  • 0.0.5
  • 0.0.3
  • 0.0.1
released Nov 25th 2015
This version is compatible with:
  • ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'bi4o4ek-opendkim', '0.0.7'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add bi4o4ek-opendkim
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install bi4o4ek-opendkim --version 0.0.7

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



bi4o4ek/opendkim — version 0.0.7 Nov 25th 2015

Build Status


Table of Contents

  1. Overview
  2. Module Description
  3. Setup - The basics of getting started with opendkim
  4. Usage - Configuration options and additional functionality
  5. Reference - An under-the-hood peek at what the module is doing and how
  6. Limitations - OS compatibility, etc.
  7. Development - Guide for contributing to the module


The opendkim module allows you to set up mail signing and manage DKIM services with minimal effort.

Module Description

OpenDKIM is a widely-used DKIM service, and this module provides a simplified way of creating configurations to manage your infrastructure. This includes the ability to configure and manage a range of different domain, as well as a streamlined way to install and configure OpenDKIM service.


What opendkim affects

  • configuration files and directories (created and written to)
  • package/service/configuration files for OpenDKIM
  • signing domains list
  • trusted hosts list

Beginning with opendkim

To install OpenDKIM with the default parameters

include opendkim

Add domains for signing

opendkim::domain{['', '']:}

Add allowed hosts

opendkim::trusted{['', '']:}


For example. There is internal ip and external ip on our mail-relay host with OpenDKIM. This host signs all mails for domains and

# Postfix-relay
class{ 'postfix::server':
    inet_interfaces              => ', localhost',
    mynetworks                   => ',',
    smtpd_recipient_restrictions => 'permit_mynetworks, reject_unauth_destination',
    smtpd_client_restrictions    => 'permit_mynetworks, reject',
    mydestination                => '$myhostname',
    myhostname                   => '',
    smtpd_banner                 => 'Hello',
    extra_main_parameters        => {
        smtp_bind_address     => '',
        smtpd_milters         => 'inet:',
        non_smtpd_milters     => '$smtpd_milters',
        milter_default_action => 'accept',
        milter_protocol       => '2',

# OpenDKIM
include opendkim
opendkim::domain{['', '']:}
opendkim::trusted{['', '']:}

After puppet-run you need to copy contents of /etc/opendkim/keys/ and paste into corresponding DNS-zone as TXT. Then repeat this action for

Puppet module for postfix in this example is thias/postfix v0.3.3


Puppetlabs are working on automating this section.


This module is tested on:

  • CentOS 6
  • Ubuntu 12.04
  • Ubuntu 14.04


Fork me on github and make pull request.