opendkim funktioniert

author mhoellein <mario@hoellein.online>

Wed, 19 Jun 2019 13:01:31 +0000 (15:01 +0200)

committer mhoellein <mario@hoellein.online>

Wed, 19 Jun 2019 13:01:31 +0000 (15:01 +0200)
author mhoellein <mario@hoellein.online>
Wed, 19 Jun 2019 13:01:31 +0000 (15:01 +0200)
committer mhoellein <mario@hoellein.online>
Wed, 19 Jun 2019 13:01:31 +0000 (15:01 +0200)
diff --git a/.etckeeper b/.etckeeper

index 9354e80ae801147bdbd1e04650a669c6fee7c618..a46db11b5819471e2d3c6d32c5460ee25b5422a4 100755 (executable)
--- a/.etckeeper
+++ b/.etckeeper
@@ -1633,6 +1633,12 @@ maybe chmod 0644 'letsencrypt/csr/0430_csr-certbot.pem'
  maybe chmod 0644 'letsencrypt/csr/0431_csr-certbot.pem'
  maybe chmod 0644 'letsencrypt/csr/0432_csr-certbot.pem'
  maybe chmod 0644 'letsencrypt/csr/0433_csr-certbot.pem'
+maybe chmod 0644 'letsencrypt/csr/0434_csr-certbot.pem'
+maybe chmod 0644 'letsencrypt/csr/0435_csr-certbot.pem'
+maybe chmod 0644 'letsencrypt/csr/0436_csr-certbot.pem'
+maybe chmod 0644 'letsencrypt/csr/0437_csr-certbot.pem'
+maybe chmod 0644 'letsencrypt/csr/0438_csr-certbot.pem'
+maybe chmod 0644 'letsencrypt/csr/0439_csr-certbot.pem'
  maybe chmod 0700 'letsencrypt/keys'
  maybe chmod 0600 'letsencrypt/keys/0000_key-certbot.pem'
  maybe chmod 0600 'letsencrypt/keys/0001_key-certbot.pem'
@@ -2068,6 +2074,12 @@ maybe chmod 0600 'letsencrypt/keys/0430_key-certbot.pem'
  maybe chmod 0600 'letsencrypt/keys/0431_key-certbot.pem'
  maybe chmod 0600 'letsencrypt/keys/0432_key-certbot.pem'
  maybe chmod 0600 'letsencrypt/keys/0433_key-certbot.pem'
+maybe chmod 0600 'letsencrypt/keys/0434_key-certbot.pem'
+maybe chmod 0600 'letsencrypt/keys/0435_key-certbot.pem'
+maybe chmod 0600 'letsencrypt/keys/0436_key-certbot.pem'
+maybe chmod 0600 'letsencrypt/keys/0437_key-certbot.pem'
+maybe chmod 0600 'letsencrypt/keys/0438_key-certbot.pem'
+maybe chmod 0600 'letsencrypt/keys/0439_key-certbot.pem'
  maybe chmod 0700 'letsencrypt/live'
  maybe chmod 0755 'letsencrypt/live/collabora.hoellein.online'
  maybe chmod 0644 'letsencrypt/live/collabora.hoellein.online/README'
@@ -2215,14 +2227,19 @@ maybe chmod 0755 'nginx'
  maybe chmod 0755 'nginx/snippets'
  maybe chmod 0644 'nginx/snippets/loolwsd.conf'
  maybe chmod 0644 'nsswitch.conf'
+maybe chgrp 'opendkim' 'opendkim'
  maybe chmod 0755 'opendkim'
  maybe chmod 0644 'opendkim.conf'
  maybe chmod 0644 'opendkim.conf.save'
-maybe chmod 0700 'opendkim/keys'
+maybe chgrp 'opendkim' 'opendkim/keys'
+maybe chmod 0750 'opendkim/keys'
+maybe chown 'opendkim' 'opendkim/keys/key1.private'
  maybe chgrp 'opendkim' 'opendkim/keys/key1.private'
-maybe chmod 0640 'opendkim/keys/key1.private'
+maybe chmod 0600 'opendkim/keys/key1.private'
  maybe chmod 0600 'opendkim/keys/key1.txt'
+maybe chgrp 'opendkim' 'opendkim/keytable'
  maybe chmod 0644 'opendkim/keytable'
+maybe chgrp 'opendkim' 'opendkim/signingtable'
  maybe chmod 0644 'opendkim/signingtable'
  maybe chmod 0755 'opendmarc'
  maybe chmod 0644 'opendmarc.conf'
diff --git a/opendkim.conf b/opendkim.conf

index fe6f96c4eceb96ceebb51b17e843c24bc74b56af..9586a8cbe248fbb20f0db9bb3d2a85402081712f 100644 (file)
--- a/opendkim.conf
+++ b/opendkim.conf
@@ -2,10 +2,11 @@ Syslog              yes
  LogResults          yes
  LogWhy              yes
  SyslogSuccess       yes
+UserID              opendkim
  UMask               002
  Canonicalization    relaxed/relaxed
+Socket              unix:/var/run/opendkim/opendkim.sock
  PidFile             /var/run/opendkim/opendkim.pid
-Socket              local:/var/run/opendkim/opendkim.sock
  RequireSafeKeys            false
  
  # Nur signieren, nicht verifizieren (Verifizierung übernimmt Amavis)
diff --git a/opendmarc.conf b/opendmarc.conf

index 84fb725d5cb31f38e433a35d59fa672b871339a2..2aebdd44f00bd7afc2f8cc918ea7f9b9a0f0adc3 100644 (file)
--- a/opendmarc.conf
+++ b/opendmarc.conf
@@ -117,5 +117,5 @@ IgnoreHosts /etc/opendmarc/ignore.hosts
  HistoryFile /var/run/opendmarc/opendmarc.dat
  #for testing:
  SoftwareHeader true
-#IgnoreAuthenticatedClients true
+IgnoreAuthenticatedClients true
  MilterDebug 5
diff --git a/postfix/main.cf b/postfix/main.cf

index 37a18d3401ff0d80123af8d76c4f4865cbb02889..24effd709853e7478fb1897745330b00124e2c16 100644 (file)
--- a/postfix/main.cf
+++ b/postfix/main.cf
@@ -68,10 +68,12 @@ virtual_transport = lmtp:unix:private/dovecot-lmtp
  milter_default_action = accept
  milter_protocol = 2
  smtpd_milters = unix:/var/lib/amavis/amavisd-milter.sock,
-                unix:/var/run/opendkim/opendkim.sock
+                unix:/var/run/opendkim/opendkim.sock,
                 unix:/var/run/opendmarc/opendmarc.sock
  non_smtpd_milters = unix:/var/run/opendkim/opendkim.sock
  
+#unix:/var/run/opendkim/opendkim.sock,
+
  ##
  ## Server Restrictions für Clients, Empfänger und Relaying
  ## (im Bezug auf S2S-Verbindungen. Mailclient-Verbindungen werden in master.cf im Submission-Bereich konfiguriert)
author	mhoellein <mario@hoellein.online>
	Wed, 19 Jun 2019 13:01:31 +0000 (15:01 +0200)
committer	mhoellein <mario@hoellein.online>
	Wed, 19 Jun 2019 13:01:31 +0000 (15:01 +0200)
.etckeeper		patch \| blob \| history
opendkim.conf		patch \| blob \| history
opendmarc.conf		patch \| blob \| history
postfix/main.cf		patch \| blob \| history