From e9c27548bbce8912da5cf55d8d8e921b3c3d8386 Mon Sep 17 00:00:00 2001
From: David Beniamine <david.beniamine@tetras-libre.fr>
Date: Sun, 5 Dec 2021 23:26:05 +0100
Subject: [PATCH] Add opendkim configuration
---
 Readme.md | 5 ++++-
 docker-compose.yml | 1 +
 docker/postfix/Dockerfile | 2 +-
 docker/postfix/etc/postfix/main.cf.append | 6 ++++++
 docker/postfix/etc/service/opendkim/run | 14 ++++++++++++++
 5 files changed, 26 insertions(+), 2 deletions(-)
 create mode 100755 docker/postfix/etc/service/opendkim/run
diff --git a/Readme.md b/Readme.md
index 7d22912..d36bacf 100644
--- a/Readme.md
+++ b/Readme.md
@@ -62,6 +62,8 @@ Example of a `sympa_transport` file, for each domain you have Sympa providing ma
 In this example, the variables `SYMPA_DOMAIN` and `POSTFIX_VIRTUAL_DOMAINS` should be `example.com`
+Postfix is automatically configured to add a dkim header to outgoing mails, to make it work, add the DNS entry found in `postfix/etc/dkim/mail.txt` to your domain configuration
+
 ## Volumes and configurations
@@ -74,7 +76,8 @@ In this example, the variables `SYMPA_DOMAIN` and `POSTFIX_VIRTUAL_DOMAINS` shou
 | `./log/sympa` | sympa | `/var/log` | All logs |
 | `./sympa/sympa/shared` | sympa and postfix | `/etc/sympa/shared` | Shared config between sympa and posfix |
 | `./postfix/rsyslog` | postfix | `/etc/rsyslog.d1` | Rsyslog config directory |
-| `./log/postfix` | postfix | `/var/log/postfix` | Mail logs |
+| `./postfix/dkim` | postfix | `/etc/dkimkeys` | Opendkim key files |
+| `./log/postfix` | postfix | `/var/log/postfix` | Mail logs |
 ### Named volumes (data persistance only)
diff --git a/docker-compose.yml b/docker-compose.yml
index ab78c85..03551c7 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -37,6 +37,7 @@ services:
 volumes:
 - "./sympa/sympa/shared:/etc/sympa/shared"
 - "./postfix/rsyslog:/etc/rsyslog.d1/"
+ - "./postfix/dkim:/etc/dkimkeys/"
 - "./log/postfix:/var/log/postfix"
 - "spool_postfix:/var/spool/postfix"
 networks:
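Review bot: The added bind mount places the DKIM private key (`dkim.key`, written by the new `opendkim/run` script) in `./postfix/dkim` inside the project checkout, and nothing visible in this patch keeps that directory out of version control or restricts who can read it on the host. Consider adding `postfix/dkim/` to `.gitignore` and noting in the README that the directory should be readable only by the deployment user. The README line added in this same patch points to `postfix/etc/dkim/mail.txt`, which does not match this mount's host path and probably should read `postfix/dkim/mail.txt`. The `volumes:` list belongs to a service whose definition starts outside the hunk.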
diff --git a/docker/postfix/Dockerfile b/docker/postfix/Dockerfile
index e7ee4d7..f372d1a 100644
--- a/docker/postfix/Dockerfile
+++ b/docker/postfix/Dockerfile
@@ -4,7 +4,7 @@ FROM tozd/postfix:ubuntu-focal
 VOLUME /etc/sympa/shared
 RUN apt-get update -q -q && \
- apt-get install adduser openssh-client --yes --force-yes && \
+ apt-get install adduser openssh-client opendkim opendkim-tools --yes --force-yes && \
 adduser --system --group mailpipe --no-create-home --home /nonexistent && \
 cp /etc/postfix/main.cf /etc/postfix/main.cf.orig && \
 cp /etc/postfix/master.cf /etc/postfix/master.cf.orig
diff --git a/docker/postfix/etc/postfix/main.cf.append b/docker/postfix/etc/postfix/main.cf.append
index e0ad4b5..de9ce85 100644
--- a/docker/postfix/etc/postfix/main.cf.append
+++ b/docker/postfix/etc/postfix/main.cf.append
@@ -20,3 +20,9 @@ sympa_destination_recipient_limit = 1
 sympadomain_destination_recipient_limit = 1
 sympabounce_destination_recipient_limit = 1
 sympabouncedomain_destination_recipient_limit = 1
+
+# DKIM
+milter_default_action = accept
+milter_protocol = 2
+smtpd_milters = inet:localhost:8892
+non_smtpd_milters = inet:localhost:8892
diff --git a/docker/postfix/etc/service/opendkim/run b/docker/postfix/etc/service/opendkim/run
new file mode 100755
index 0000000..e4f580d
--- /dev/null
+++ b/docker/postfix/etc/service/opendkim/run
@@ -0,0 +1,14 @@
+#!/bin/bash
+sed -i.bak \
+ -e 's/^#Domain.*/Domain */' \
+ -e 's/^#Selector.*/Selector mail/' \
+ -e 's@^#KeyFile.*@KeyFile /etc/dkimkeys/dkim.key@' \
+ -e 's/^\(Socket.*local.*$\)/#\1/' \
+ -e 's/^#\(Socket.*inet\)/\1/' \
+ /etc/opendkim.conf
+if [ ! -f "/etc/dkimkeys/dkim.key" ]; then
+ cd /etc/dkimkeys/
+ opendkim-genkey -s mail mail -d $MAILNAME
+ mv mail.private dkim.key
+fi
+exec /usr/sbin/opendkim -x /etc/opendkim.conf
-- GitLab
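Review bot: The rewritten install line keeps `--force-yes`, a deprecated apt option that overrides apt's safety prompts, including the one for packages that cannot be authenticated, and it now also covers the two OpenDKIM packages that will hold the signing key. `--yes` alone is enough for a non-interactive build: `apt-get install --yes adduser openssh-client opendkim opendkim-tools && \`. The RUN instruction begins above the changed line and may continue past the hunk, so whether the apt lists are removed in the same layer cannot be judged from here.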
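Review bot: `milter_default_action = accept` makes the signing step fail open: if nothing answers on `inet:localhost:8892`, mail is still delivered, unsigned, with at most a warning in the mail log. That is a defensible availability choice for a signing-only milter, but it means a port mismatch goes unnoticed, and no hunk in this patch sets or shows the port OpenDKIM listens on. The new `opendkim/run` script only uncomments an existing `Socket ... inet` line in `/etc/opendkim.conf`, so please confirm that line really uses 8892, or set the socket explicitly. A comment such as `# fail open: mail goes out unsigned if opendkim is down` above the setting would record the intent. `milter_protocol = 2` also pins an old milter protocol version; unless something needs it, dropping the line leaves Postfix on its default.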
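Review bot: The key-generation branch does not check `cd /etc/dkimkeys/`, so on failure `opendkim-genkey` writes the private key into whatever directory the script started in, and `$MAILNAME` is passed unquoted, so an unset or empty value gives a confusing failure instead of a clear error. I would write `cd /etc/dkimkeys/ || exit 1` and `opendkim-genkey -b 2048 -s mail -d "${MAILNAME:?}"`; the second `mail` after `-s mail` looks like a stray argument, and an explicit `-b` avoids relying on the tool's default key size. Because `/etc/dkimkeys` is a bind mount, a `chmod 600 dkim.key` after the `mv` would keep the key from being readable through the host directory; its ownership should match the user the daemon runs as, which this hunk does not show. `Domain *` also asks OpenDKIM to sign for every sender domain while the generated DNS record covers only `$MAILNAME`, so confirm that is intended for list traffic.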