DomainKeys fixes

This fix makes it more explicit that the "mail" segment must be used
with this DKIM setup and adds some more code to the DKIM part to make
it more resilient and useful.
Bojan Čekrlić 2019-03-06 13:07:26 +01:00
parent a1cffc6b23
commit 456e00e8b4
3 changed files with 21 additions and 2 deletions


@ -145,8 +145,17 @@ You'll need to create a folder for every domain you want to send through Postfi
```
mkdir -p /host/keys; cd /host/keys
opendkim-genkey -b 2048 -h rsa-sha256 -r -v -s example.com -d example.com
opendkim-genkey -b 2048 -h rsa-sha256 -r -v -s example.org -d example.org
for DOMAIN in example.com example.org; do
# Generate a key with selector "mail"
opendkim-genkey -b 2048 -h rsa-sha256 -r -v --subdomains -s mail -d $DOMAIN
# Fixes https://github.com/linode/docs/pull/620
sed -i 's/h=rsa-sha256/h=sha256/' mail.txt
# Move to proper file
mv mail.private $DOMAIN.private
mv mail.txt $DOMAIN.txt
done
...
```
`opendkim-genkey` is usually in your favourite distribution provided by installing `opendkim-tools` or `opendkim-utils`.

9
run.sh

@ -222,15 +222,24 @@ if [ -d /etc/opendkim/keys ] && [ ! -z "$(find /etc/opendkim/keys -type f ! -nam
echo > /etc/opendkim/KeyTable
echo > /etc/opendkim/SigningTable
echo "::1" >> /etc/opendkim/TrustedHosts
echo "127.0.0.1" >> /etc/opendkim/TrustedHosts
echo "localhost" >> /etc/opendkim/TrustedHosts
oldIFS="$IFS"
IFS=','; for i in $MYNETWORKS; do
echo "$i" >> /etc/opendkim/TrustedHosts
done
IFS="$oldIFS"
echo "" >> /etc/opendkim/TrustedHosts
if [ ! -z "$ALLOWED_SENDER_DOMAINS" ]; then
for i in $ALLOWED_SENDER_DOMAINS; do
private_key=/etc/opendkim/keys/$i.private
if [ -f $private_key ]; then
echo -e " ...for domain ${emphasis}$i${reset}"
echo "*.$i" >> /etc/opendkim/TrustedHosts
echo "$i" >> /etc/opendkim/TrustedHosts
echo "mail._domainkey.$i $i:mail:$private_key" >> /etc/opendkim/KeyTable
echo "*@$i mail._domainkey.$i" > /etc/opendkim/SigningTable
else
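Review bot: The SigningTable line inside the `for i in $ALLOWED_SENDER_DOMAINS` loop redirects with `>` while the KeyTable line just above it appends with `>>`, so each iteration overwrites the previous entry and only the last domain that has a key keeps a signing rule; mail for the other domains would go out without a DKIM signature. Whether or not this commit introduced that line (the rendered page has lost the +/- markers), it should read `echo "*@$i mail._domainkey.$i" >> /etc/opendkim/SigningTable`. Separately, writing `*.$i` and `$i` into TrustedHosts deserves a comment: if that file feeds OpenDKIM's internal-hosts list (the configuration is not visible here), any client whose hostname falls under an allowed sender domain is treated as a trusted source to sign for, which is broader than the `$MYNETWORKS` entries. The enclosing `if` block starts before and continues past this hunk.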


@ -16,6 +16,7 @@ DATA
Subject: Postfix message test
From: test@example.org
To: check-auth@verifier.port25.com
Date: Wed, 06 Mar 19 09:40:08 +0000
Content-Type: text/plain
This is a simple text