diff --git a/setup/dkim.sh b/setup/dkim.sh index 52ed809d..c9ba1e8b 100755 --- a/setup/dkim.sh +++ b/setup/dkim.sh @@ -33,13 +33,11 @@ tools/editconf.py /etc/dkimpy-milter/dkimpy-milter.conf -s \ "MacroListVerify=daemon_name|VERIFYING" \ "Canonicalization=relaxed/simple" \ "MinimumKeyBits=1024" \ - "ExternalIgnoreList=refile:/etc/dkim/TrustedHosts" \ "InternalHosts=refile:/etc/dkim/TrustedHosts" \ "KeyTable=refile:/etc/dkim/KeyTable" \ "KeyTableEd25519=refile:/etc/dkim/KeyTableEd25519" \ "SigningTable=refile:/etc/dkim/SigningTable" \ - "Socket=inet:8892@127.0.0.1" \ - "RequireSafeKeys=false" + "Socket=inet:8892@127.0.0.1" # Create a new DKIM key. This creates mail.private and mail.txt # in $STORAGE_ROOT/mail/dkim. The former is the private key and @@ -91,15 +89,6 @@ tools/editconf.py /etc/opendmarc.conf -s \ tools/editconf.py /etc/opendmarc.conf -s \ "FailureReportsOnNone=true" -# AlwaysAddARHeader Adds an "Authentication-Results:" header field even to -# unsigned messages from domains with no "signs all" policy. The reported DKIM -# result will be "none" in such cases. Normally unsigned mail from non-strict -# domains does not cause the results header field to be added. This added header -# is used by spamassassin to evaluate the mail for spamminess. - -tools/editconf.py /etc/dkimpy-milter/dkimpy-milter.conf -s \ - "AlwaysAddARHeader=true" - # Add DKIMpy and OpenDMARC as milters to postfix, which is how DKIMpy # intercepts outgoing mail to perform the signing (by adding a mail header) # and how they both intercept incoming mail to add Authentication-Results