By default OpenDKIM will sign just `From`, `To`, `Sender`,
`Subject` and `Date`.
It makes sense to also sign other headers (especially `Reply-To`)
to make sure nobody fiddles with the email.
Having very specific `TrustedHosts` has turned out to be more of a
hassle than a benefit in the end.
Since the service is runing on `localhost` either way, there's no
theoretical way for anybody alse to access the service. Hence we
just set all hosts (`0.0.0.0/0`) to trusted, reduce the LOC and
call it a day.
Important note: DKIM segment is hardcoded to "mail" in the
configuration.
You shouldn't be using any other segment name.
If you don't know what that means: DKIM checks your DNS server
for this segment name by querying `<segment>._domainkey.<domain>`.
So, when saying you need to use the `mail` segment this means that
the record *must* reside under `mail._domainkey.<domain>`.
This commit brings two important features:
- **DKIM support** It's now possible to configure this postfix
image to sign messages using DKIM by simply generating the keys
and providing them in the approprate folder. This should bring
us one step closer to directly sending out emails without relying
on a 3rd-party proxy.
- **test support** A nice and handy script, conviniently called
`test.sh` has been provided, builds the image, spins it up and
tries to send out an email. You'll need `docker-compose` to run
it, though.
