diff options
Diffstat (limited to 'files/opendkim/opendkim.conf')
| -rw-r--r-- | files/opendkim/opendkim.conf | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/files/opendkim/opendkim.conf b/files/opendkim/opendkim.conf new file mode 100644 index 0000000..695156a --- /dev/null +++ b/files/opendkim/opendkim.conf @@ -0,0 +1,55 @@ +# This is a basic configuration that can easily be adapted to suit a standard +# installation. For more advanced options, see opendkim.conf(5) and/or +# /usr/share/doc/opendkim/examples/opendkim.conf.sample. + +# Log to syslog +Syslog yes +# Required to use local socket with MTAs that access the socket as a non- +# privileged user (e.g. Postfix) +UMask 002 + +# Sign for example.com with key in /etc/mail/dkim.key using +# selector '2007' (e.g. 2007._domainkey.example.com) +#Domain example.com +#KeyFile /etc/mail/dkim.key +#Selector 2007 + +# Commonly-used options; the commented-out versions show the defaults. +#Canonicalization simple +#Mode sv +#SubDomains no +#ADSPDiscard no + +# Always oversign From (sign using actual From and a null From to prevent +# malicious signatures header fields (From and/or others) between the signer +# and the verifier. From is oversigned by default in the Debian pacakge +# because it is often the identity key used by reputation systems and thus +# somewhat security sensitive. +OversignHeaders From + +# List domains to use for RFC 6541 DKIM Authorized Third-Party Signatures +# (ATPS) (experimental) + +#ATPSDomains example.com + +AutoRestart Yes +AutoRestartRate 10/1h +UMask 002 +Syslog yes +SyslogSuccess Yes +LogWhy Yes + +Canonicalization relaxed/simple + +ExternalIgnoreList refile:/etc/opendkim/TrustedHosts +InternalHosts refile:/etc/opendkim/TrustedHosts +KeyTable refile:/etc/opendkim/KeyTable +SigningTable refile:/etc/opendkim/SigningTable + +Mode sv +PidFile /var/run/opendkim/opendkim.pid +SignatureAlgorithm rsa-sha256 + +UserID opendkim:opendkim + +Socket inet:12301@localhost |