Fixes for DKIM implementation

Important note: DKIM segment is hardcoded to "mail" in the configuration. You shouldn't be using any other segment name. If you don't know what that means: DKIM checks your DNS server for this segment name by querying `<segment>._domainkey.<domain>`. So, when saying you need to use the `mail` segment this means that the record *must* reside under `mail._domainkey.<domain>`.
2024-11-10 17:05:00 +08:00 · 2019-03-07 08:29:50 +01:00 · 2019-03-07 08:29:50 +01:00 · cd4f64a8ce
commit cd4f64a8ce
parent d8873c8efb
3 changed files with 15 additions and 11 deletions
--- a/opendkim.conf
+++ b/opendkim.conf
@ -1,11 +1,12 @@
 AutoRestart             Yes
 AutoRestartRate         10/1h
 UMask                   002
-Syslog                  yes
+Syslog                  Yes
 SyslogSuccess           Yes
-LogWhy                  Yes
+LogWhy                  No

 Canonicalization        relaxed/simple
+RequireSafeKeys         no

 ExternalIgnoreList      refile:/etc/opendkim/TrustedHosts
 InternalHosts           refile:/etc/opendkim/TrustedHosts
--- a/run.sh
+++ b/run.sh
@ -213,7 +213,7 @@ if [ -d /etc/opendkim/keys ] && [ ! -z "$(find /etc/opendkim/keys -type f ! -nam
 	fi
 	echo -e "        ...using socket $dkim_socket"

-	postconf -e "milter_protocol=2"
+	postconf -e "milter_protocol=6"
 	postconf -e "milter_default_action=accept"
 	postconf -e "smtpd_milters=$dkim_socket"
 	postconf -e "non_smtpd_milters=$dkim_socket"
@ -241,7 +241,7 @@ if [ -d /etc/opendkim/keys ] && [ ! -z "$(find /etc/opendkim/keys -type f ! -nam
 				echo "*.$i" >> /etc/opendkim/TrustedHosts
 				echo "$i" >> /etc/opendkim/TrustedHosts
 				echo "mail._domainkey.$i $i:mail:$private_key" >> /etc/opendkim/KeyTable
-				echo "*@$i mail._domainkey.$i" > /etc/opendkim/SigningTable
+				echo "*@$i mail._domainkey.$i" >> /etc/opendkim/SigningTable
 			else
 				echo "  ...$warn skipping for domain ${emphasis}$i${reset}. File $private_key not found!"
 			fi
--- a/test.sh
+++ b/test.sh
@ -2,24 +2,27 @@
 docker build . -t boky/postfix
 docker-compose up -d

+FROM=$1
+TO=$2
+
 # Wait for postfix to startup
 echo "Waiting for startup..."
 while ! docker ps | fgrep postfix_test_587 | grep -q healthy; do 
    sleep 1
 done

-cat <<"EOF" | nc -C localhost 1587
+cat <<EOF | nc -C localhost 1587
 HELO test
-MAIL FROM:test@example.org
-RCPT TO:check-auth@verifier.port25.com
+MAIL FROM:$FROM
+RCPT TO:$TO
 DATA
 Subject: Postfix message test
-From: test@example.org
-To: check-auth@verifier.port25.com
-Date: Wed, 06 Mar 19 09:40:08 +0000
+From: $FROM
+To: $TO
+Date: $(date)
 Content-Type: text/plain

-This is a simple text
+This is a simple text of message sending using boky/postfix.
 .
 QUIT
 EOF