diff --git a/management/dns_update.py b/management/dns_update.py
index 1b755460..e009392a 100755
--- a/management/dns_update.py
+++ b/management/dns_update.py
@@ -306,7 +306,7 @@ def build_zone(domain, domain_properties, additional_records, env, is_zone=True)
 # Append the DKIM TXT record to the zone as generated by DKIMpy.
 # Skip if the user has set a DKIM record already.
- dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-rsa.dns')
+ dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-rsa.dns')
 with open(dkim_record_file) as orf:
 m = re.match(r'(\S+)\s+IN\s+TXT\s+\( ((?:"[^"]+"\s+)+)\)', orf.read(), re.S)
 val = "".join(re.findall(r'"([^"]+)"', m.group(2)))
@@ -314,7 +314,7 @@ def build_zone(domain, domain_properties, additional_records, env, is_zone=True)
 records.append((m.group(1), "TXT", val, "Recommended. Provides a way for recipients to verify that this machine sent @%s mail." % domain))
 # Also add a ed25519 DKIM record
- dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-ed25519.dns')
+ dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-ed25519.dns')
 with open(dkim_record_file) as orf:
 m = re.match(r'(\S+)\s+IN\s+TXT\s+\( ((?:"[^"]+"\s+)+)\)', orf.read(), re.S)
 val = "".join(re.findall(r'"([^"]+)"', m.group(2)))
@@ -830,8 +830,8 @@ def write_dkim_tables(domains, env):
 # Append a record to DKIMpy's KeyTable and SigningTable for each domain
 # that we send mail from (zones and all subdomains).
- dkim_rsa_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-rsa.key')
- dkim_ed_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-ed25519.key')
+ dkim_rsa_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-rsa.key')
+ dkim_ed_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-ed25519.key')
 if not os.path.exists(dkim_rsa_key_file) || not os.path.exists(dkim_ed_key_file):
 # Looks like DKIMpy is not installed.
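Review bot: In build_zone, `m.group(2)` is called on the result of `re.match` with no check that the match succeeded, in the hunk at -306 and again in the ed25519 hunk at -314. If `box-rsa.dns` or `box-ed25519.dns` is missing, or is not in the exact `name IN TXT ( "..." )` layout the pattern requires, zone generation stops with an unhandled exception (FileNotFoundError from `open`, or AttributeError on `None`). After each `m = re.match(...)` I would add `if m is None: raise ValueError("unexpected DKIM record format in %s" % dkim_record_file)`, or skip the record with a logged warning so the remaining records are still built. The function body starts and ends outside both hunks, so any handling further out is not visible here.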
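Review bot: The unchanged `if` line at the end of the write_dkim_tables hunk (-830) uses `||`, which is not a Python operator, so `dns_update.py` fails to compile with a SyntaxError and none of the DNS or DKIM table code in the module can run. It should read `if not os.path.exists(dkim_rsa_key_file) or not os.path.exists(dkim_ed_key_file):`. The commit already edits the two assignments directly above it, so this is the natural place to correct it. write_dkim_tables continues past the end of the hunk.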
diff --git a/setup/dkim.sh b/setup/dkim.sh
index 9aa8a6b6..0fa303e2 100755
--- a/setup/dkim.sh
+++ b/setup/dkim.sh
@@ -15,7 +15,7 @@ apt_install dkimpy-milter python3-dkim opendmarc
 # Make sure configuration directories exist.
 mkdir -p /etc/dkim;
-mkdir -p $STORAGE_ROOT/mail/dkim2
+mkdir -p $STORAGE_ROOT/mail/dkim
 # Used in InternalHosts and ExternalIgnoreList configuration directives.
 # Not quite sure why.
@@ -44,21 +44,21 @@ tools/editconf.py /etc/dkimpy-milter/dkimpy-milter.conf -s \
 # in our DNS setup. Note that the files are named after the
 # 'selector' of the key, which we can change later on to support
 # key rotation.
-if [ ! -f "$STORAGE_ROOT/mail/dkim2/box-rsa.key" ]; then
+if [ ! -f "$STORAGE_ROOT/mail/dkim/box-rsa.key" ]; then
 # All defaults are supposed to be ok, default key for rsa is 2048 bit
- dknewkey --ktype rsa $STORAGE_ROOT/mail/dkim2/box-rsa
- dknewkey --ktype ed25519 $STORAGE_ROOT/mail/dkim2/box-ed25519
+ dknewkey --ktype rsa $STORAGE_ROOT/mail/dkim/box-rsa
+ dknewkey --ktype ed25519 $STORAGE_ROOT/mail/dkim/box-ed25519
 # Force them into the format dns_update.py expects
- sed -i 's/v=DKIM1;/box-rsa._domainkey IN TXT ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim2/box-rsa.dns
+ sed -i 's/v=DKIM1;/box-rsa._domainkey IN TXT ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim/box-rsa.dns
 echo '" )' >> box-rsa.dns
- sed -i 's/v=DKIM1;/box-ed25519._domainkey IN TXT ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim2/box-ed25519.dns
+ sed -i 's/v=DKIM1;/box-ed25519._domainkey IN TXT ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim/box-ed25519.dns
 echo '" )' >> box-ed25519.dns
 fi
 # Ensure files are owned by the dkimpy-milter user and are private otherwise.
-chown -R dkimpy-milter:dkimpy-milter $STORAGE_ROOT/mail/dkim2
-chmod go-rwx $STORAGE_ROOT/mail/dkim2
+chown -R dkimpy-milter:dkimpy-milter $STORAGE_ROOT/mail/dkim
+chmod go-rwx $STORAGE_ROOT/mail/dkim
 tools/editconf.py /etc/opendmarc.conf -s \
 "Syslog=true" \
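Review bot: In the key-generation hunk (-44), both `echo '" )' >> box-rsa.dns` and `echo '" )' >> box-ed25519.dns` append to a path relative to the current directory, not to the files under `$STORAGE_ROOT/mail/dkim` that the `sed` calls just rewrote. The record files are then left without the closing `" )` that the pattern in dns_update.py requires, and stray files are created wherever setup was started. I would write `echo '" )' >> "$STORAGE_ROOT/mail/dkim/box-rsa.dns"` and the same for `box-ed25519.dns`, and quote `$STORAGE_ROOT` in the `dknewkey`, `sed`, `chown` and `chmod` arguments as the `if` test already does. The guard also tests only `box-rsa.key`, so a missing ed25519 key is never regenerated; and since nothing visible here moves keys out of `mail/dkim2`, an upgraded box presumably generates a fresh key pair, which would change the published DKIM records.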