Check opendkim keys

For checking opendkim private and public keys you can use opendkim-testkey:

~ $ opendkim-testkey -d mydomain.com -s default -k /etc/opendkim/keys/mydomain.com/key.private -vvv
opendkim-testkey: key loaded from /etc/opendkim/keys/mydomain.com/key.private
opendkim-testkey: checking key 'default._domainkey.mydomain.com'
opendkim-testkey: key not secure
opendkim-testkey: key OK

-d: domain
-s: selector, in this case “default”
-k: local path to the private key
-vvv: extra verbose info

Message key not secure is just due that the domain has not DNSSEC configured.