
How to create a WildDuck DKIM key for a new domain

After adding a new domain to the WildDuck configuration you might also want to create a DKIM key for that domain.

A new DKIM key can be created via the API.
I’m using Insomnia: I created a POST request to the /remote-api/dkim API URL and set the X-Access-Token header to the authentication accessToken value from /etc/wildduck/wildduck-webmail.toml (see the [api] section in that file):

Then in the Query tab we can add a selector of our choice and the domain name:

Now we can press Send and copy the value (e.g. v=DKIM1;t=s;p=...) from the Preview tab into our new TXT DNS record.
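Before publishing the copied value, it is worth checking that it parses, that the key is not too short, and that it is split correctly for DNS. The following is an added example, not part of the original post or of WildDuck; the function names are hypothetical and the 1024-bit default minimum follows RFC 8301 (2048 bits is the recommended size).

```python
import base64
import binascii

def _tlv(buf, pos):
    """Read one DER TLV at pos; return (content_start, content_end)."""
    n = buf[pos + 1]
    pos += 2
    if n & 0x80:  # long-form length: low 7 bits give the number of length bytes
        k = n & 0x7F
        n = int.from_bytes(buf[pos:pos + k], "big")
        pos += k
    return pos, pos + n

def rsa_bits(spki):
    """Modulus size in bits of a DER SubjectPublicKeyInfo holding an RSA key."""
    start, _ = _tlv(spki, 0)                    # outer SEQUENCE
    _, alg_end = _tlv(spki, start)              # AlgorithmIdentifier, skipped
    bit_start, _ = _tlv(spki, alg_end)          # BIT STRING
    key_start, _ = _tlv(spki, bit_start + 1)    # +1 skips the unused-bits byte
    mod_start, mod_end = _tlv(spki, key_start)  # INTEGER modulus
    return int.from_bytes(spki[mod_start:mod_end], "big").bit_length()

def check_dkim_txt(value, min_bits=1024):
    """Validate a DKIM TXT value; return (tags, key_bits, txt_strings)."""
    tags = {}
    for part in value.split(";"):
        if part.strip():
            name, _, val = part.partition("=")
            tags[name.strip()] = "".join(val.split())  # drop folding whitespace
    if tags.get("v", "DKIM1") != "DKIM1":
        raise ValueError("v= must be DKIM1")
    if tags.get("k", "rsa") != "rsa":
        raise ValueError("only RSA keys are handled here")
    if not tags.get("p"):
        raise ValueError("empty p= publishes a revoked key")
    try:
        spki = base64.b64decode(tags["p"], validate=True)
        bits = rsa_bits(spki)
    except (binascii.Error, IndexError) as exc:
        raise ValueError("p= is not a base64 DER public key") from exc
    if bits < min_bits:
        raise ValueError(f"{bits}-bit RSA key is below {min_bits} bits")
    # A single TXT character-string holds at most 255 bytes, so a 2048-bit key
    # must be published as several strings; verifiers join them without spaces.
    strings = [value[i:i + 255] for i in range(0, len(value), 255)]
    return tags, bits, strings
```

Call check_dkim_txt() with the value copied from the Preview tab; the t=s flag it reports in the tags means the key is only valid for signatures whose i= domain equals d= exactly, not for subdomains.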

How to add multiple domains to WildDuck Webmail?


WildDuck is a simple mail server solution and is often accompanied by the WildDuck Webmail service. While you can create email addresses with any domain via both WildDuck’s API and the Webmail GUI, when it comes to aliases and the ease of use of the user interface, by default you’re limited to the one domain you initially configured.

To add further domains to choose from when creating alias addresses, edit the wildduck-webmail.toml file (it is located in /etc/wildduck/) and add your additional domains in the domains=[] array like so:

[service]
...
# allowed domains for new addresses
domains=["oviliz.com","seconddomain.com"]

Restart the webmail service with systemctl restart wildduck-webmail and you’re good to go.

Now if you want to also create a separate DKIM key and DNS record, follow this short guide.

Let’s Encrypt wildcard certificate configuration with AWS Route 53 DNS by @Sharl…


Source by Cristian O. Balan

In a nutshell:

mkdir ~/.aws
nano ~/.aws/credentials
#[default]
#aws_access_key_id = ABC
#aws_secret_access_key = XYZ
chmod 400 ~/.aws/credentials
chmod 500 ~/.aws
apt-get install software-properties-common
add-apt-repository ppa:certbot/certbot
apt update && apt install python-certbot-nginx python-pip python-asn1crypto python-certifi python-cffi-backend python-cryptography python-enum34 python-idna python-ipaddress
pip install --upgrade pip
certbot --version
pip install certbot_dns_route53==0.26.1
mkdir -p /opt/letsencrypt/config
mkdir -p /opt/letsencrypt/log
mkdir -p /opt/letsencrypt/work
certbot certonly -d hosting.oviliz.com --dns-route53 --logs-dir /opt/letsencrypt/log/ --config-dir /opt/letsencrypt/config/ --work-dir /opt/letsencrypt/work/ -m [email protected] --agree-tos --non-interactive --server https://acme-v02.api.letsencrypt.org/directory
/usr/local/bin/certbot renew --dns-route53 --logs-dir /opt/letsencrypt/log/ --config-dir /opt/letsencrypt/config/ --work-dir /opt/letsencrypt/work/ --non-interactive --server https://acme-v02.api.letsencrypt.org/directory --post-hook "service nginx reload"

Or if you’re using DNS Made Easy:

#...
nano ~/.dnsmadeeasy/credentials
#dns_dnsmadeeasy_api_key = ABC
#dns_dnsmadeeasy_secret_key = XYZ
#...
certbot certonly -d hosting.oviliz.com --dns-dnsmadeeasy --dns-dnsmadeeasy-credentials ~/.dnsmadeeasy/credentials --logs-dir /opt/letsencrypt/log/ --config-dir /opt/letsencrypt/config/ --work-dir /opt/letsencrypt/work/ -m [email protected] --agree-tos --non-interactive --server https://acme-v02.api.letsencrypt.org/directory
/usr/local/bin/certbot renew --dns-dnsmadeeasy --dns-dnsmadeeasy-credentials ~/.dnsmadeeasy/credentials --logs-dir /opt/letsencrypt/log/ --config-dir /opt/letsencrypt/config/ --work-dir /opt/letsencrypt/work/ --non-interactive --server https://acme-v02.api.letsencrypt.org/directory --post-hook "service nginx reload"

The same concept obviously applies to Cloudflare and other DNS providers.