68 lines
2.6 KiB
Plaintext
68 lines
2.6 KiB
Plaintext
# Log to syslog
|
|
Syslog yes
|
|
# Required to use local socket with MTAs that access the socket as a non-
|
|
# privileged user (e.g. Postfix)
|
|
#UMask 002
|
|
# dkim-milter (2.5.2.dfsg-1ubuntu1) hardy:
|
|
# Disable new umask option by default (not needed since Ubuntu default
|
|
# uses a TCP socket instead of a Unix socket).
|
|
|
|
# Attempt to become the specified userid before starting operations.
|
|
#UserID 105 # 'id postfix' in your shell
|
|
|
|
|
|
# Sign for example.com with key in /etc/mail/dkim.key using
|
|
# selector '2007' (e.g. 2007._domainkey.example.com)
|
|
Domain example.com
|
|
KeyFile /etc/mail/dkim.key # See bellow how to generate and set up the key
|
|
Selector mail
|
|
|
|
# Common settings. See dkim-filter.conf(5) for more information.
|
|
AutoRestart yes
|
|
Background yes
|
|
Canonicalization relaxed/relaxed
|
|
DNSTimeout 5
|
|
Mode sv
|
|
SignatureAlgorithm rsa-sha256
|
|
SubDomains no
|
|
#UseASPDiscard no
|
|
#Version rfc4871
|
|
X-Header no
|
|
|
|
#InternalHosts /etc/mail/dkim-InternalHosts.txt
|
|
# The contents of /etc/mail/dkim-InternalHosts.txt should be
|
|
# 127.0.0.1/8
|
|
# 192.168.1.0/24
|
|
# other.internal.host.domain.tld
|
|
# You need InternalHosts if you are signing e-mails on a gateway mail server
|
|
# for each of the computers on your LAN.
|
|
|
|
|
|
###############################################
|
|
# Other (less-standard) configuration options #
|
|
###############################################
|
|
#
|
|
# If enabled, log verification stats here
|
|
Statistics /var/log/dkim-filter/dkim-stats
|
|
#
|
|
# KeyList is a file containing tuples of key information. Requires
|
|
# KeyFile to be unset. Each line of the file should be of the format:
|
|
# sender glob:signing domain:signing key file
|
|
# Blank lines and lines beginning with # are ignored. Selector will be
|
|
# derived from the key's filename.
|
|
#KeyList /etc/dkim-keys.conf
|
|
#
|
|
# If enabled, will generate verification failure reports for any messages
|
|
# that fail signature verification. These will be sent to the r= address
|
|
# in the policy record, if any.
|
|
#ReportInfo yes
|
|
#
|
|
# If enabled, will issue a Sendmail QUARANTINE for any messages that fail
|
|
# signature verification, allowing them to be inspected later.
|
|
#Quarantine yes
|
|
#
|
|
# If enabled, will check for required headers when processing messages.
|
|
# At a minimum, that means From: and Date: will be required. Messages not
|
|
# containing the required headers will not be signed or verified, but will
|
|
# be passed through
|
|
#RequiredHeaders yes |