mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-12-24 07:37:04 +00:00
allow a custom dkim selector
This commit is contained in:
parent
09fb6d0ad8
commit
12f1486141
@ -291,7 +291,7 @@ def build_zone(domain, domain_properties, additional_records, env, is_zone=True)
|
||||
|
||||
# Append the DKIM TXT record to the zone as generated by OpenDKIM.
|
||||
# Skip if the user has set a DKIM record already.
|
||||
opendkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/mail.txt')
|
||||
opendkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/' + env['DKIM_SELECTOR'] + '.txt')
|
||||
with open(opendkim_record_file, encoding="utf-8") as orf:
|
||||
m = re.match(r'(\S+)\s+IN\s+TXT\s+\( ((?:"[^"]+"\s+)+)\)', orf.read(), re.S)
|
||||
val = "".join(re.findall(r'"([^"]+)"', m.group(2)))
|
||||
@ -752,12 +752,13 @@ def write_opendkim_tables(domains, env):
|
||||
# Append a record to OpenDKIM's KeyTable and SigningTable for each domain
|
||||
# that we send mail from (zones and all subdomains).
|
||||
|
||||
opendkim_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/mail.private')
|
||||
opendkim_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/' + env['DKIM_SELECTOR'] + '.private')
|
||||
|
||||
if not os.path.exists(opendkim_key_file):
|
||||
# Looks like OpenDKIM is not installed.
|
||||
return False
|
||||
|
||||
selector=env['DKIM_SELECTOR']
|
||||
config = {
|
||||
# The SigningTable maps email addresses to a key in the KeyTable that
|
||||
# specifies signing information for matching email addresses. Here we
|
||||
@ -777,7 +778,7 @@ def write_opendkim_tables(domains, env):
|
||||
# signing domain must match the sender's From: domain.
|
||||
"KeyTable":
|
||||
"".join(
|
||||
f"{domain} {domain}:mail:{opendkim_key_file}\n"
|
||||
f"{domain} {domain}:{selector}:{opendkim_key_file}\n"
|
||||
for domain in domains
|
||||
),
|
||||
}
|
||||
|
@ -52,8 +52,8 @@ fi
|
||||
# A 1024-bit key is seen as a minimum standard by several providers
|
||||
# such as Google. But they and others use a 2048 bit key, so we'll
|
||||
# do the same. Keys beyond 2048 bits may exceed DNS record limits.
|
||||
if [ ! -f "$STORAGE_ROOT/mail/dkim/mail.private" ]; then
|
||||
opendkim-genkey -b 2048 -r -s mail -D "$STORAGE_ROOT/mail/dkim"
|
||||
if [ ! -f "$STORAGE_ROOT/mail/dkim/$DKIM_SELECTOR.private" ]; then
|
||||
opendkim-genkey -b 2048 -r -s $DKIM_SELECTOR -D $STORAGE_ROOT/mail/dkim
|
||||
fi
|
||||
|
||||
# Ensure files are owned by the opendkim user and are private otherwise.
|
||||
|
@ -111,6 +111,7 @@ PUBLIC_IPV6=$PUBLIC_IPV6
|
||||
PRIVATE_IP=$PRIVATE_IP
|
||||
PRIVATE_IPV6=$PRIVATE_IPV6
|
||||
MTA_STS_MODE=${DEFAULT_MTA_STS_MODE:-enforce}
|
||||
DKIM_SELECTOR=${DEFAULT_DKIM_SELECTOR:-mail}
|
||||
EOF
|
||||
|
||||
# Start service configuration.
|
||||
|
Loading…
Reference in New Issue
Block a user