DKIM, SPF and DMARC for Anubiz Mail Server VPS
Without SPF, DKIM and DMARC your self-hosted Anubiz mail server lands in spam at Gmail and Outlook within the first message. These three records are the bare minimum to be treated as a legitimate sender. This walkthrough is for OpenDKIM + Postfix on an Ubuntu 24.04 Anubiz VPS and shows the exact records that Yandex, Gmail and Outlook check.
Need this done for your project?
We implement, you ship. Async, documented, done in days.
Step 1: Reverse DNS First
Open a ticket and request rDNS for your sending IP to match the MX hostname. Without rDNS major providers reject before they even look at SPF. Anubiz sets rDNS for free, request via the panel.
Step 2: SPF
TXT at example.com: v=spf1 mx -all. The -all is the strict version; use ~all while testing then move to hard fail. Add the relay if you use one.
Step 3: DKIM with OpenDKIM
apt install opendkim opendkim-tools. Generate a 2048-bit key with opendkim-genkey -s mail -d example.com. Publish the public key as TXT at mail._domainkey.example.com. Wire Postfix to OpenDKIM via the milter socket. Restart and check headers of an outbound test message for DKIM-Signature with v=1; a=rsa-sha256.
Step 4: DMARC
TXT at _dmarc.example.com: v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@example.com; ruf=mailto:dmarc-forensic@example.com; pct=100; adkim=s; aspf=s. Start with p=none for two weeks to gather aggregate reports, then quarantine, then reject.
Step 5: Validate
Send a test message to check-auth@verifier.port25.com. The reply lists SPF, DKIM and DMARC results. All three must be PASS before you start sending volume.
Related Services
Why Anubiz Host
Ready to get started?
Skip the research. Tell us what you need, and we'll scope it, implement it, and hand it back — fully documented and production-ready.