feat(amavis): Configured dkim

Default config is for domain example.org, which
is the testing domain.

User will be required to customise '90-dkim' with thier
own domain configuration, including generating dkim signing certificates.

MR !2

include/docker-entrypoint.sh

@@ -36,6 +36,24 @@ mkdir -p /var/lock/fetchmail
 if [ "$1" == "setup" ]; then
 
 
+
+if [ ! -f /certs/amavis/dkim/example.org.dkim.pem ]; then
+
+        echo "[WARNING] Creating DKIM Cert, example.org. Consider Creating your own";
+
+        amavisd-new genrsa /certs/amavis/dkim/example.org.dkim.pem 4096;
+
+        chmod g+r /certs/amavis/dkim/example.org.dkim.pem;
+
+        chgrp amavis /certs/amavis/dkim/example.org.dkim.pem;
+
+        amavisd-new showkeys example.org;
+    fi
+
+
+    supervisorctl start amavis;
+
+
 postconf -e "myhostname = $(`echo hostname -f`)"
 
 

include/etc/amavis/conf.d/40-socket

@@ -2,5 +2,9 @@
 # Socket config
 #
 
-$inet_socket_port = 10023
+# Listening socket
+#   10023 - Submission, Outbound mail
+#   10024 - SMTP, Inbound mail
+
+$inet_socket_port = [10023, 10024]
 

include/etc/amavis/conf.d/90-dkim

@@ -0,0 +1,25 @@
+dkim_key(
+    'example.org',
+    'dkim',
+    '/certs/amavis/dkim/example.org.dkim.pem'
+);
+
+
+@dkim_signature_options_bysender_maps = (
+    {
+        "example.org" => {
+            d   => 'example.org',
+            a   => 'rsa-sha256',
+            ttl => 10*24*3600
+        }
+    }
+);
+
+$enable_dkim_signing = 1;
+
+$interface_policy{'10023'} = 'SUBMISSION';
+
+$policy_bank{'SUBMISSION'} = {
+    originating => 1,
+    smtpd_discard_ehlo_keywords => ['8BITMIME']
+};

include/etc/supervisor/conf.d/supervisord.conf

@@ -34,7 +34,7 @@ command=/usr/sbin/cron -f
 [program:amavis]
 startsecs=0
 stopwaitsecs=55
-autostart=true
+autostart=false
 autorestart=true
 stdout_logfile=/var/log/supervisor/%(program_name)s.log
 stderr_logfile=/var/log/supervisor/%(program_name)s.log