docker/docker-mail
1
0
Fork 0
Code Issues 4 Pull Requests Actions Projects Releases 6 Wiki Activity

feat(amavis): Configured dkim

Browse Source 
Default config is for domain example.org, which
is the testing domain.

User will be required to customise '90-dkim' with thier
own domain configuration, including generating dkim signing certificates.

MR !2
This commit is contained in:
Jon Lockwood
2022-02-16 10:36:47 +09:30
parent d8e51085a1
commit b9b2527a42
5 changed files with 54 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
dockerfile
View File

@ -129,7 +129,11 @@ RUN chmod +x /docker-entrypoint.sh \
&& curl -o /bin/fetchmail.pl https://raw.githubusercontent.com/postfixadmin/postfixadmin/8f20c96278a694a7e0bb570f1d56c208105e5a14/ADDITIONS/fetchmail.pl \ && curl -o /bin/fetchmail.pl https://raw.githubusercontent.com/postfixadmin/postfixadmin/8f20c96278a694a7e0bb570f1d56c208105e5a14/ADDITIONS/fetchmail.pl \
&& chmod +x /bin/fetchmail.pl \ && chmod +x /bin/fetchmail.pl \
&& mkdir -p /var/run/fetchmail \ && mkdir -p /var/run/fetchmail \
&& mkdir -p /var/lock/fetchmail && mkdir -p /var/lock/fetchmail \
# Amavis DKIM related commands
&& mkdir -p /certs/amavis/dkim/ \
&& chown root:amavis /certs/amavis/dkim/ \
&& chmod 750 /certs/amavis/dkim/
# Setup data volumes # Setup data volumes

18
include/docker-entrypoint.sh
View File

@ -36,6 +36,24 @@ mkdir -p /var/lock/fetchmail
if [ "$1" == "setup" ]; then if [ "$1" == "setup" ]; then
if [ ! -f /certs/amavis/dkim/example.org.dkim.pem ]; then
echo "[WARNING] Creating DKIM Cert, example.org. Consider Creating your own";
amavisd-new genrsa /certs/amavis/dkim/example.org.dkim.pem 4096;
chmod g+r /certs/amavis/dkim/example.org.dkim.pem;
chgrp amavis /certs/amavis/dkim/example.org.dkim.pem;
amavisd-new showkeys example.org;
fi
supervisorctl start amavis;
postconf -e "myhostname = $(`echo hostname -f`)" postconf -e "myhostname = $(`echo hostname -f`)"

6
include/etc/amavis/conf.d/40-socket
View File

@ -2,5 +2,9 @@
# Socket config # Socket config
# #
$inet_socket_port = 10023 # Listening socket
# 10023 - Submission, Outbound mail
# 10024 - SMTP, Inbound mail
$inet_socket_port = [10023, 10024]

25
include/etc/amavis/conf.d/90-dkim Normal file
View File

@ -0,0 +1,25 @@
dkim_key(
'example.org',
'dkim',
'/certs/amavis/dkim/example.org.dkim.pem'
);
@dkim_signature_options_bysender_maps = (
{
"example.org" => {
d => 'example.org',
a => 'rsa-sha256',
ttl => 10*24*3600
}
}
);
$enable_dkim_signing = 1;
$interface_policy{'10023'} = 'SUBMISSION';
$policy_bank{'SUBMISSION'} = {
originating => 1,
smtpd_discard_ehlo_keywords => ['8BITMIME']
};

2
include/etc/supervisor/conf.d/supervisord.conf
View File

@ -34,7 +34,7 @@ command=/usr/sbin/cron -f
[program:amavis] [program:amavis]
startsecs=0 startsecs=0
stopwaitsecs=55 stopwaitsecs=55
autostart=true autostart=false
autorestart=true autorestart=true
stdout_logfile=/var/log/supervisor/%(program_name)s.log stdout_logfile=/var/log/supervisor/%(program_name)s.log
stderr_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s.log