external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2024-11-23 02:27:05 +00:00
Code Issues Releases Wiki Activity

allow a custom dkim selector

Browse Source
This commit is contained in:
bilogic 2024-04-21 18:05:58 +08:00
parent 09fb6d0ad8
commit 12f1486141
3 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
management/dns_update.py
View File

@ -291,7 +291,7 @@ def build_zone(domain, domain_properties, additional_records, env, is_zone=True)
# Append the DKIM TXT record to the zone as generated by OpenDKIM. # Append the DKIM TXT record to the zone as generated by OpenDKIM.
# Skip if the user has set a DKIM record already. # Skip if the user has set a DKIM record already.
opendkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/mail.txt') opendkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/' + env['DKIM_SELECTOR'] + '.txt')
with open(opendkim_record_file, encoding="utf-8") as orf: with open(opendkim_record_file, encoding="utf-8") as orf:
m = re.match(r'(\S+)\s+IN\s+TXT\s+\( ((?:"[^"]+"\s+)+)\)', orf.read(), re.S) m = re.match(r'(\S+)\s+IN\s+TXT\s+\( ((?:"[^"]+"\s+)+)\)', orf.read(), re.S)
val = "".join(re.findall(r'"([^"]+)"', m.group(2))) val = "".join(re.findall(r'"([^"]+)"', m.group(2)))
@ -752,12 +752,13 @@ def write_opendkim_tables(domains, env):
# Append a record to OpenDKIM's KeyTable and SigningTable for each domain # Append a record to OpenDKIM's KeyTable and SigningTable for each domain
# that we send mail from (zones and all subdomains). # that we send mail from (zones and all subdomains).
opendkim_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/mail.private') opendkim_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/' + env['DKIM_SELECTOR'] + '.private')
if not os.path.exists(opendkim_key_file): if not os.path.exists(opendkim_key_file):
# Looks like OpenDKIM is not installed. # Looks like OpenDKIM is not installed.
return False return False
selector=env['DKIM_SELECTOR']
config = { config = {
# The SigningTable maps email addresses to a key in the KeyTable that # The SigningTable maps email addresses to a key in the KeyTable that
# specifies signing information for matching email addresses. Here we # specifies signing information for matching email addresses. Here we
@ -777,7 +778,7 @@ def write_opendkim_tables(domains, env):
# signing domain must match the sender's From: domain. # signing domain must match the sender's From: domain.
"KeyTable": "KeyTable":
"".join( "".join(
f"{domain} {domain}:mail:{opendkim_key_file}\n" f"{domain} {domain}:{selector}:{opendkim_key_file}\n"
for domain in domains for domain in domains
), ),
} }

4
setup/dkim.sh
View File

@ -52,8 +52,8 @@ fi
# A 1024-bit key is seen as a minimum standard by several providers # A 1024-bit key is seen as a minimum standard by several providers
# such as Google. But they and others use a 2048 bit key, so we'll # such as Google. But they and others use a 2048 bit key, so we'll
# do the same. Keys beyond 2048 bits may exceed DNS record limits. # do the same. Keys beyond 2048 bits may exceed DNS record limits.
if [ ! -f "$STORAGE_ROOT/mail/dkim/mail.private" ]; then if [ ! -f "$STORAGE_ROOT/mail/dkim/$DKIM_SELECTOR.private" ]; then
opendkim-genkey -b 2048 -r -s mail -D "$STORAGE_ROOT/mail/dkim" opendkim-genkey -b 2048 -r -s $DKIM_SELECTOR -D $STORAGE_ROOT/mail/dkim
fi fi
# Ensure files are owned by the opendkim user and are private otherwise. # Ensure files are owned by the opendkim user and are private otherwise.

1
setup/start.sh
View File

@ -111,6 +111,7 @@ PUBLIC_IPV6=$PUBLIC_IPV6
PRIVATE_IP=$PRIVATE_IP PRIVATE_IP=$PRIVATE_IP
PRIVATE_IPV6=$PRIVATE_IPV6 PRIVATE_IPV6=$PRIVATE_IPV6
MTA_STS_MODE=${DEFAULT_MTA_STS_MODE:-enforce} MTA_STS_MODE=${DEFAULT_MTA_STS_MODE:-enforce}
DKIM_SELECTOR=${DEFAULT_DKIM_SELECTOR:-mail}
EOF EOF
# Start service configuration. # Start service configuration.