exherbo-dockermail/opendkim/config/opendkim.conf

# Log to syslog
Syslog                  yes
# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
#UMask                  002
# dkim-milter (2.5.2.dfsg-1ubuntu1) hardy:
# Disable new umask option by default (not needed since Ubuntu default
# uses a TCP socket instead of a Unix socket).

# Attempt to become the specified userid before starting operations.
#UserID                 105 # 'id postfix' in your shell


# Sign for example.com with key in /etc/mail/dkim.key using
# selector '2007' (e.g. 2007._domainkey.example.com)
Domain                  example.com
KeyFile                 /etc/dkim.key
Selector                mail

# Common settings. See dkim-filter.conf(5) for more information.
AutoRestart             yes
Background              yes
Canonicalization        relaxed/relaxed
DNSTimeout              5
Mode                    sv
SignatureAlgorithm      rsa-sha256
SubDomains              no
#UseASPDiscard          no
#Version                rfc4871
X-Header                no

#InternalHosts          /etc/mail/dkim-InternalHosts.txt
# The contents of /etc/mail/dkim-InternalHosts.txt should be
#   127.0.0.1/8
#   192.168.1.0/24
#   other.internal.host.domain.tld
# You need InternalHosts if you are signing e-mails on a gateway mail server
# for each of the computers on your LAN.


###############################################
# Other (less-standard) configuration options #
###############################################
#
# If enabled, log verification stats here
Statistics              /var/log/dkim-filter/dkim-stats
#
# KeyList is a file containing tuples of key information. Requires
# KeyFile to be unset. Each line of the file should be of the format:
#    sender glob:signing domain:signing key file
# Blank lines and lines beginning with # are ignored. Selector will be
# derived from the key's filename.
#KeyList                /etc/dkim-keys.conf
#
# If enabled, will generate verification failure reports for any messages
# that fail signature verification. These will be sent to the r= address
# in the policy record, if any.
#ReportInfo             yes
#
# If enabled, will issue a Sendmail QUARANTINE for any messages that fail
# signature verification, allowing them to be inspected later.
#Quarantine             yes
#
# If enabled, will check for required headers when processing messages.
# At a minimum, that means From: and Date: will be required. Messages not
# containing the required headers will not be signed or verified, but will
# be passed through
#RequiredHeaders        yes
Added DKIM server into the mix 2014-11-11 01:31:46 +00:00			`# Log to syslog`
			`Syslog yes`
			`# Required to use local socket with MTAs that access the socket as a non-`
			`# privileged user (e.g. Postfix)`
			`#UMask 002`
			`# dkim-milter (2.5.2.dfsg-1ubuntu1) hardy:`
			`# Disable new umask option by default (not needed since Ubuntu default`
			`# uses a TCP socket instead of a Unix socket).`

			`# Attempt to become the specified userid before starting operations.`
			`#UserID 105 # 'id postfix' in your shell`


			`# Sign for example.com with key in /etc/mail/dkim.key using`
			`# selector '2007' (e.g. 2007._domainkey.example.com)`
			`Domain example.com`
Dockermail is now modular 2015-07-08 12:17:04 +00:00			`KeyFile /etc/dkim.key`
Added DKIM server into the mix 2014-11-11 01:31:46 +00:00			`Selector mail`

			`# Common settings. See dkim-filter.conf(5) for more information.`
			`AutoRestart yes`
			`Background yes`
			`Canonicalization relaxed/relaxed`
			`DNSTimeout 5`
			`Mode sv`
			`SignatureAlgorithm rsa-sha256`
			`SubDomains no`
			`#UseASPDiscard no`
			`#Version rfc4871`
			`X-Header no`

			`#InternalHosts /etc/mail/dkim-InternalHosts.txt`
			`# The contents of /etc/mail/dkim-InternalHosts.txt should be`
			`# 127.0.0.1/8`
			`# 192.168.1.0/24`
			`# other.internal.host.domain.tld`
			`# You need InternalHosts if you are signing e-mails on a gateway mail server`
			`# for each of the computers on your LAN.`


			`###############################################`
			`# Other (less-standard) configuration options #`
			`###############################################`
			`#`
			`# If enabled, log verification stats here`
			`Statistics /var/log/dkim-filter/dkim-stats`
			`#`
			`# KeyList is a file containing tuples of key information. Requires`
			`# KeyFile to be unset. Each line of the file should be of the format:`
			`# sender glob:signing domain:signing key file`
			`# Blank lines and lines beginning with # are ignored. Selector will be`
			`# derived from the key's filename.`
			`#KeyList /etc/dkim-keys.conf`
			`#`
			`# If enabled, will generate verification failure reports for any messages`
			`# that fail signature verification. These will be sent to the r= address`
			`# in the policy record, if any.`
			`#ReportInfo yes`
			`#`
			`# If enabled, will issue a Sendmail QUARANTINE for any messages that fail`
			`# signature verification, allowing them to be inspected later.`
			`#Quarantine yes`
			`#`
			`# If enabled, will check for required headers when processing messages.`
			`# At a minimum, that means From: and Date: will be required. Messages not`
			`# containing the required headers will not be signed or verified, but will`
			`# be passed through`
fix dkim keyfile process_settings copies the key file to /etc, not /etc/mail 2015-03-11 14:55:09 +00:00			`#RequiredHeaders yes`