mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-11-22 02:17:26 +00:00
DKIM: For the benefit of ADSP and DMARC (not yet impl), each sending domain should be its signing domain
This commit is contained in:
parent
cfcb5f5bbd
commit
a8938e107e
@ -108,13 +108,13 @@ EOF
|
|||||||
# email addresses to signing information. The KeyTable maps specify the hostname,
|
# email addresses to signing information. The KeyTable maps specify the hostname,
|
||||||
# the selector, and the path to the private key.
|
# the selector, and the path to the private key.
|
||||||
#
|
#
|
||||||
# Just in case we don't actually host the DNS for all domains of our mail users,
|
# DKIM ADSP and DMARC both only support policies where the signing domain matches
|
||||||
# we assume that DKIM is at least configured in the DNS of $PUBLIC_HOSTNAME and
|
# the From address, so the KeyTable must specify that the signing domain for a
|
||||||
# we use that host for all DKIM signatures.
|
# sender matches the sender's domain.
|
||||||
#
|
#
|
||||||
# In SigningTable, we map every email address to a key record called $zone.
|
# In SigningTable, we map every email address to a key record called $zone.
|
||||||
# Then we specify for the key record named $zone its domain, selector, and key.
|
# Then we specify for the key record named $zone its domain, selector, and key.
|
||||||
echo "$zone $PUBLIC_HOSTNAME:mail:$STORAGE_ROOT/mail/dkim/mail.private" >> /etc/opendkim/KeyTable
|
echo "$zone $zone:mail:$STORAGE_ROOT/mail/dkim/mail.private" >> /etc/opendkim/KeyTable
|
||||||
echo "*@$zone $zone" >> /etc/opendkim/SigningTable
|
echo "*@$zone $zone" >> /etc/opendkim/SigningTable
|
||||||
|
|
||||||
done
|
done
|
||||||
|
Loading…
Reference in New Issue
Block a user