Check opendkim keys

For checking opendkim private and public keys you can use opendkim-testkey:

~ $ opendkim-testkey -d -s default -k /etc/opendkim/keys/ -vvv
opendkim-testkey: key loaded from /etc/opendkim/keys/
opendkim-testkey: checking key ''
opendkim-testkey: key not secure
opendkim-testkey: key OK

-d: domain
-s: selector, in this case “default”
-k: local path to the private key
-vvv: extra verbose info

Message key not secure is just due that the domain has not DNSSEC configured.