Create opendkim configuration under Debian.
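#!/bin/bash
#
# Create an OpenDKIM configuration on Debian and hook it into Postfix.
# to use with Postfix.
# Exim users, get out of here! Write your own scripts.
#
# The script installs packages and writes under /etc, so it has to run as root.
#
set -e

# Address and TCP port the OpenDKIM milter listens on. The same pair is
# written to opendkim.conf (Socket) and to the Postfix milter settings.
serviceIP="127.0.0.2"
servicePort=1051

# RSA key size in bits. 1024 stays the default because of the TXT record size
# limit the author hit (GoDaddy). RFC 8301 says signers SHOULD use at least
# 2048 bits, so run with DKIM_KEYBITS=2048 when the DNS provider accepts the
# longer TXT record.
keybits=${DKIM_KEYBITS:-1024} # godaddy has limited TXT record size
case $keybits in
  '' | *[!0-9]*)
    echo "DKIM_KEYBITS must be a number of bits, got '$keybits'" >&2
    exit 1
    ;;
esac

opendkim_conf=/etc/opendkim.conf
postfix_conf=/etc/postfix/main.cf
#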
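# Install the daemon and the key-generation tools. apt-get is used instead of
# apt because apt's command-line interface is not meant for use in scripts.
apt-get install -y opendkim opendkim-tools
#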
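# Default signing domain: the NIS domain name, as before. When that is unset
# (the command then prints "(none)") fall back to /etc/mailname if present.
domainname=$(domainname)
[ -f /etc/mailname ] && mailname=$(cat /etc/mailname)
if [ -z "$domainname" ] || [ "$domainname" = "(none)" ]; then
  if [ -n "${mailname:-}" ]; then
    domainname=$mailname
  fi
fi
printf "Enter your domain name or leave empty for '%s': " "$domainname"
read -r input
if [ -n "$input" ]; then
  domainname=$input
fi
#
# The node name is used as the DKIM selector and as the key file name.
nodename=$(hostname)
printf "Enter your node name or leave empty for '%s': " "$nodename"
read -r input
if [ -n "$input" ]; then
  nodename=$input
fi

# Both values end up in file paths (/etc/opendkim/keys/<domain>/<node>.private)
# and in KeyTable/SigningTable entries, so accept DNS-style names only: no
# slashes, spaces or shell metacharacters.
dns_name_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
for name in "$domainname" "$nodename"; do
  if ! [[ $name =~ $dns_name_re ]]; then
    echo "'$name' is not a valid DNS name" >&2
    exit 1
  fi
done
#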
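# Append the milter settings to opendkim.conf, once. The Socket value is
# matched as a fixed string (-F) so the dots in the address are not treated as
# regex wildcards.
# NOTE(review): the block is appended to whatever the package installed, so
# the file may end up with duplicate settings (Socket, UMask, ...); check the
# result. UMask 002 leaves files created by the daemon group-writable.
#grep -q "^Socket" $opendkim_conf || \
if ! grep -qF -- "inet:$servicePort@$serviceIP" "$opendkim_conf"; then
  cat >>"$opendkim_conf" <<EOF
AutoRestart Yes
AutoRestartRate 10/1h
UMask 002
Syslog yes
SyslogSuccess Yes
LogWhy Yes
Canonicalization relaxed/simple
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
KeyTable refile:/etc/opendkim/KeyTable
SigningTable refile:/etc/opendkim/SigningTable
Mode sv
PidFile /var/run/opendkim/opendkim.pid
SignatureAlgorithm rsa-sha256
UserID opendkim:opendkim
Socket inet:$servicePort@$serviceIP

EOF
fi
#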
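# Point Postfix at the milter for SMTP-received and locally submitted mail.
# An existing setting is never edited: the operator is told to merge the value
# by hand, so milters already configured are not dropped.
value="inet:$serviceIP:$servicePort"
for key in smtpd_milters non_smtpd_milters; do
  # Match the parameter name up to its "=" so a longer name sharing the
  # prefix is not mistaken for it.
  if grep -q -- "^${key}[[:space:]]*=" "$postfix_conf"; then
    echo "add $value to $key in $postfix_conf!"
  else
    echo "$key = $value" >>"$postfix_conf"
  fi
done
#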
# Create the key directory tree and work from /etc/opendkim from here on.
mkdir -p /etc/opendkim/keys
cd /etc/opendkim
# TrustedHosts is used for both ExternalIgnoreList and InternalHosts in the
# opendkim.conf settings written by this script, so list only hosts you
# control. An existing file is left untouched.
if [ ! -f TrustedHosts ]; then
  printf '%s\n' \
    '127.0.0.1' \
    'localhost' \
    '#192.168.0.1/24' \
    '#*.example.net' \
    '#*.example.org' \
    '' >TrustedHosts
fi
#
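# Per-domain key directory. KeyTable points at $keydir/$nodename.private, so
# the key pair has to be generated there and not in the current directory.
keydir=/etc/opendkim/keys/$domainname
private_key=$keydir/$nodename.private
dns_record=$keydir/$nodename.txt

# Existing tables are left untouched.
if [ ! -f /etc/opendkim/KeyTable ]; then
  printf '%s\n' \
    "$nodename._domainkey.$domainname $domainname:$nodename:$private_key" \
    >/etc/opendkim/KeyTable
fi
if [ ! -f /etc/opendkim/SigningTable ]; then
  printf '%s\n' "*@$domainname $nodename._domainkey.$domainname" \
    >/etc/opendkim/SigningTable
fi

mkdir -p -- "$keydir"

# Never overwrite a key that is already there: a new key silently invalidates
# the public key published in DNS and signatures stop verifying.
if [ -f "$private_key" ]; then
  echo "keeping existing key $private_key" >&2
else
  opendkim-genkey -b "$keybits" -s "$nodename" -d "$domainname" -D "$keydir"
fi

# The signing key must be readable by the opendkim user and by nobody else.
chown opendkim:opendkim -- "$private_key"
chmod 600 -- "$private_key"

service opendkim restart
service postfix restart

if [ -f "$dns_record" ]; then
  echo "add this to DNS:"
  cat -- "$dns_record"
else
  echo "no DNS record file at $dns_record; publish the public key for $private_key" >&2
fi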