diff --git a/etc/alternc/templates/opendkim.conf b/etc/alternc/templates/opendkim.conf
index 7499491f..d2edbb7c 100644
--- a/etc/alternc/templates/opendkim.conf
+++ b/etc/alternc/templates/opendkim.conf
@@ -14,3 +14,7 @@ KeyTable           /etc/opendkim/KeyTable
 SigningTable       /etc/opendkim/SigningTable
 ExternalIgnoreList /etc/opendkim/TrustedHosts
 InternalHosts      /etc/opendkim/TrustedHosts
+
+# The value from /etc/default/opendkim doesn't seem to be taken into account
+# @see https://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=861169
+Socket             local:/var/run/opendkim/opendkim.sock
\ No newline at end of file
diff --git a/install/alternc.install b/install/alternc.install
index 4385ddbb..0f1e84e8 100755
--- a/install/alternc.install
+++ b/install/alternc.install
@@ -649,6 +649,15 @@ touch /etc/opendkim/TrustedHosts /etc/opendkim/SigningTable /etc/opendkim/KeyTab
 grep -q "^127.0.0.1\$" /etc/opendkim/TrustedHosts || echo "127.0.0.1" >>/etc/opendkim/TrustedHosts
 grep -q "^localhost\$" /etc/opendkim/TrustedHosts || echo "localhost" >>/etc/opendkim/TrustedHosts
 grep -q "^$PUBLIC_IP\$" /etc/opendkim/TrustedHosts || echo "$PUBLIC_IP" >>/etc/opendkim/TrustedHosts
+if [ "$(lsb_release -s -c)" == 'stretch' ] ; then
+    /lib/opendkim/opendkim.service.generate
+    # Without adding '-u opendkim' after the service file is generated, opendkim
+    # will run as root, which we do not want.
+    if [ "$(grep -c 'u opendkim' /etc/systemd/system/opendkim.service.d/override.conf)" == 0 ] ; then
+        sed 's/inet:8891@127.0.0.1/& -u opendkim/' /etc/systemd/system/opendkim.service.d/override.conf
+    fi
+    systemctl daemon-reload
+fi
 
 # Add opendkim to service to restart
 SERVICES="$SERVICES opendkim bind9"