Merge branch 'dkimpy' of https://github.com/kiekerjan/mailinabox into dkimpy
This commit is contained in:
commit
4f600cee15
|
@ -306,7 +306,7 @@ def build_zone(domain, domain_properties, additional_records, env, is_zone=True)
|
|||
|
||||
# Append the DKIM TXT record to the zone as generated by DKIMpy.
|
||||
# Skip if the user has set a DKIM record already.
|
||||
dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-rsa.dns')
|
||||
dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-rsa.dns')
|
||||
with open(dkim_record_file) as orf:
|
||||
m = re.match(r'(\S+)\s+IN\s+TXT\s+\( ((?:"[^"]+"\s+)+)\)', orf.read(), re.S)
|
||||
val = "".join(re.findall(r'"([^"]+)"', m.group(2)))
|
||||
|
@ -314,7 +314,7 @@ def build_zone(domain, domain_properties, additional_records, env, is_zone=True)
|
|||
records.append((m.group(1), "TXT", val, "Recommended. Provides a way for recipients to verify that this machine sent @%s mail." % domain))
|
||||
|
||||
# Also add a ed25519 DKIM record
|
||||
dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-ed25519.dns')
|
||||
dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-ed25519.dns')
|
||||
with open(dkim_record_file) as orf:
|
||||
m = re.match(r'(\S+)\s+IN\s+TXT\s+\( ((?:"[^"]+"\s+)+)\)', orf.read(), re.S)
|
||||
val = "".join(re.findall(r'"([^"]+)"', m.group(2)))
|
||||
|
@ -830,8 +830,8 @@ def write_dkim_tables(domains, env):
|
|||
# Append a record to DKIMpy's KeyTable and SigningTable for each domain
|
||||
# that we send mail from (zones and all subdomains).
|
||||
|
||||
dkim_rsa_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-rsa.key')
|
||||
dkim_ed_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-ed25519.key')
|
||||
dkim_rsa_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-rsa.key')
|
||||
dkim_ed_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-ed25519.key')
|
||||
|
||||
if not os.path.exists(dkim_rsa_key_file) || not os.path.exists(dkim_ed_key_file):
|
||||
# Looks like DKIMpy is not installed.
|
||||
|
|
|
@ -15,7 +15,7 @@ apt_install dkimpy-milter python3-dkim opendmarc
|
|||
|
||||
# Make sure configuration directories exist.
|
||||
mkdir -p /etc/dkim;
|
||||
mkdir -p $STORAGE_ROOT/mail/dkim2
|
||||
mkdir -p $STORAGE_ROOT/mail/dkim
|
||||
|
||||
# Used in InternalHosts and ExternalIgnoreList configuration directives.
|
||||
# Not quite sure why.
|
||||
|
@ -44,21 +44,21 @@ tools/editconf.py /etc/dkimpy-milter/dkimpy-milter.conf -s \
|
|||
# in our DNS setup. Note that the files are named after the
|
||||
# 'selector' of the key, which we can change later on to support
|
||||
# key rotation.
|
||||
if [ ! -f "$STORAGE_ROOT/mail/dkim2/box-rsa.key" ]; then
|
||||
if [ ! -f "$STORAGE_ROOT/mail/dkim/box-rsa.key" ]; then
|
||||
# All defaults are supposed to be ok, default key for rsa is 2048 bit
|
||||
dknewkey --ktype rsa $STORAGE_ROOT/mail/dkim2/box-rsa
|
||||
dknewkey --ktype ed25519 $STORAGE_ROOT/mail/dkim2/box-ed25519
|
||||
dknewkey --ktype rsa $STORAGE_ROOT/mail/dkim/box-rsa
|
||||
dknewkey --ktype ed25519 $STORAGE_ROOT/mail/dkim/box-ed25519
|
||||
|
||||
# Force them into the format dns_update.py expects
|
||||
sed -i 's/v=DKIM1;/box-rsa._domainkey IN TXT ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim2/box-rsa.dns
|
||||
sed -i 's/v=DKIM1;/box-rsa._domainkey IN TXT ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim/box-rsa.dns
|
||||
echo '" )' >> box-rsa.dns
|
||||
sed -i 's/v=DKIM1;/box-ed25519._domainkey IN TXT ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim2/box-ed25519.dns
|
||||
sed -i 's/v=DKIM1;/box-ed25519._domainkey IN TXT ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim/box-ed25519.dns
|
||||
echo '" )' >> box-ed25519.dns
|
||||
fi
|
||||
|
||||
# Ensure files are owned by the dkimpy-milter user and are private otherwise.
|
||||
chown -R dkimpy-milter:dkimpy-milter $STORAGE_ROOT/mail/dkim2
|
||||
chmod go-rwx $STORAGE_ROOT/mail/dkim2
|
||||
chown -R dkimpy-milter:dkimpy-milter $STORAGE_ROOT/mail/dkim
|
||||
chmod go-rwx $STORAGE_ROOT/mail/dkim
|
||||
|
||||
tools/editconf.py /etc/opendmarc.conf -s \
|
||||
"Syslog=true" \
|
||||
|
|
Loading…
Reference in New Issue