Merge branch 'dkimpy' of https://github.com/kiekerjan/mailinabox into dkimpy
commit
4f600cee15
@ -306,7 +306,7 @@ def build_zone(domain, domain_properties, additional_records, env, is_zone=True)
|
|||||||
|
|
||||||
# Append the DKIM TXT record to the zone as generated by DKIMpy.
|
# Append the DKIM TXT record to the zone as generated by DKIMpy.
|
||||||
# Skip if the user has set a DKIM record already.
|
# Skip if the user has set a DKIM record already.
|
||||||
dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-rsa.dns')
|
dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-rsa.dns')
|
||||||
with open(dkim_record_file) as orf:
|
with open(dkim_record_file) as orf:
|
||||||
m = re.match(r'(\S+)\s+IN\s+TXT\s+\( ((?:"[^"]+"\s+)+)\)', orf.read(), re.S)
|
m = re.match(r'(\S+)\s+IN\s+TXT\s+\( ((?:"[^"]+"\s+)+)\)', orf.read(), re.S)
|
||||||
val = "".join(re.findall(r'"([^"]+)"', m.group(2)))
|
val = "".join(re.findall(r'"([^"]+)"', m.group(2)))
|
||||||
@ -314,7 +314,7 @@ def build_zone(domain, domain_properties, additional_records, env, is_zone=True)
|
|||||||
records.append((m.group(1), "TXT", val, "Recommended. Provides a way for recipients to verify that this machine sent @%s mail." % domain))
|
records.append((m.group(1), "TXT", val, "Recommended. Provides a way for recipients to verify that this machine sent @%s mail." % domain))
|
||||||
|
|
||||||
# Also add a ed25519 DKIM record
|
# Also add a ed25519 DKIM record
|
||||||
dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-ed25519.dns')
|
dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-ed25519.dns')
|
||||||
with open(dkim_record_file) as orf:
|
with open(dkim_record_file) as orf:
|
||||||
m = re.match(r'(\S+)\s+IN\s+TXT\s+\( ((?:"[^"]+"\s+)+)\)', orf.read(), re.S)
|
m = re.match(r'(\S+)\s+IN\s+TXT\s+\( ((?:"[^"]+"\s+)+)\)', orf.read(), re.S)
|
||||||
val = "".join(re.findall(r'"([^"]+)"', m.group(2)))
|
val = "".join(re.findall(r'"([^"]+)"', m.group(2)))
|
||||||
@ -830,8 +830,8 @@ def write_dkim_tables(domains, env):
|
|||||||
# Append a record to DKIMpy's KeyTable and SigningTable for each domain
|
# Append a record to DKIMpy's KeyTable and SigningTable for each domain
|
||||||
# that we send mail from (zones and all subdomains).
|
# that we send mail from (zones and all subdomains).
|
||||||
|
|
||||||
dkim_rsa_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-rsa.key')
|
dkim_rsa_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-rsa.key')
|
||||||
dkim_ed_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-ed25519.key')
|
dkim_ed_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-ed25519.key')
|
||||||
|
|
||||||
if not os.path.exists(dkim_rsa_key_file) || not os.path.exists(dkim_ed_key_file):
|
if not os.path.exists(dkim_rsa_key_file) || not os.path.exists(dkim_ed_key_file):
|
||||||
# Looks like DKIMpy is not installed.
|
# Looks like DKIMpy is not installed.
|
||||||
|
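Review bot: The guard in write_dkim_tables, `if not os.path.exists(dkim_rsa_key_file) || not os.path.exists(dkim_ed_key_file):`, uses `||`, which is not a Python operator, so the module fails to parse and none of the DNS or DKIM table code in it can run; it should read `if not os.path.exists(dkim_rsa_key_file) or not os.path.exists(dkim_ed_key_file):`. In both build_zone hunks, `m.group(...)` is called without checking that `re.match` succeeded, so a `.dns` file that does not match the expected layout raises AttributeError rather than a clear error. A guard such as `if m is None: raise ValueError("unexpected DKIM record format in " + dkim_record_file)` before the `val = ...` line would make that failure diagnosable. Both functions start and end outside the visible hunks.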
@ -15,7 +15,7 @@ apt_install dkimpy-milter python3-dkim opendmarc
|
|||||||
|
|
||||||
# Make sure configuration directories exist.
|
# Make sure configuration directories exist.
|
||||||
mkdir -p /etc/dkim;
|
mkdir -p /etc/dkim;
|
||||||
mkdir -p $STORAGE_ROOT/mail/dkim2
|
mkdir -p $STORAGE_ROOT/mail/dkim
|
||||||
|
|
||||||
# Used in InternalHosts and ExternalIgnoreList configuration directives.
|
# Used in InternalHosts and ExternalIgnoreList configuration directives.
|
||||||
# Not quite sure why.
|
# Not quite sure why.
|
||||||
@ -44,21 +44,21 @@ tools/editconf.py /etc/dkimpy-milter/dkimpy-milter.conf -s \
|
|||||||
# in our DNS setup. Note that the files are named after the
|
# in our DNS setup. Note that the files are named after the
|
||||||
# 'selector' of the key, which we can change later on to support
|
# 'selector' of the key, which we can change later on to support
|
||||||
# key rotation.
|
# key rotation.
|
||||||
if [ ! -f "$STORAGE_ROOT/mail/dkim2/box-rsa.key" ]; then
|
if [ ! -f "$STORAGE_ROOT/mail/dkim/box-rsa.key" ]; then
|
||||||
# All defaults are supposed to be ok, default key for rsa is 2048 bit
|
# All defaults are supposed to be ok, default key for rsa is 2048 bit
|
||||||
dknewkey --ktype rsa $STORAGE_ROOT/mail/dkim2/box-rsa
|
dknewkey --ktype rsa $STORAGE_ROOT/mail/dkim/box-rsa
|
||||||
dknewkey --ktype ed25519 $STORAGE_ROOT/mail/dkim2/box-ed25519
|
dknewkey --ktype ed25519 $STORAGE_ROOT/mail/dkim/box-ed25519
|
||||||
|
|
||||||
# Force them into the format dns_update.py expects
|
# Force them into the format dns_update.py expects
|
||||||
sed -i 's/v=DKIM1;/box-rsa._domainkey IN TXT ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim2/box-rsa.dns
|
sed -i 's/v=DKIM1;/box-rsa._domainkey IN TXT ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim/box-rsa.dns
|
||||||
echo '" )' >> box-rsa.dns
|
echo '" )' >> box-rsa.dns
|
||||||
sed -i 's/v=DKIM1;/box-ed25519._domainkey IN TXT ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim2/box-ed25519.dns
|
sed -i 's/v=DKIM1;/box-ed25519._domainkey IN TXT ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim/box-ed25519.dns
|
||||||
echo '" )' >> box-ed25519.dns
|
echo '" )' >> box-ed25519.dns
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Ensure files are owned by the dkimpy-milter user and are private otherwise.
|
# Ensure files are owned by the dkimpy-milter user and are private otherwise.
|
||||||
chown -R dkimpy-milter:dkimpy-milter $STORAGE_ROOT/mail/dkim2
|
chown -R dkimpy-milter:dkimpy-milter $STORAGE_ROOT/mail/dkim
|
||||||
chmod go-rwx $STORAGE_ROOT/mail/dkim2
|
chmod go-rwx $STORAGE_ROOT/mail/dkim
|
||||||
|
|
||||||
tools/editconf.py /etc/opendmarc.conf -s \
|
tools/editconf.py /etc/opendmarc.conf -s \
|
||||||
"Syslog=true" \
|
"Syslog=true" \
|
||||||
|
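Review bot: In the key-generation block, `echo '" )' >> box-rsa.dns` and `echo '" )' >> box-ed25519.dns` append to a path relative to the current working directory, not to the files under `$STORAGE_ROOT/mail/dkim` that the preceding `sed -i` lines edit, so the stored records never receive their closing `" )` and presumably will not match the pattern dns_update.py parses them with. They should target the same files, e.g. `echo '" )' >> "$STORAGE_ROOT/mail/dkim/box-rsa.dns"` and likewise for `box-ed25519.dns`. The surrounding `if` tests only for `box-rsa.key`, so a missing ed25519 key is never regenerated once the RSA key exists. `chmod go-rwx` is applied to the directory only; that keeps other users out while the directory mode holds, but the mode of the private key files themselves depends on what `dknewkey` writes, which is worth confirming or setting explicitly.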