From 04384fbb7d9f160f231fd48fa0a36139805600f2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20Lo=C5=A1=C5=A5=C3=A1k?= <xlostak@gmail.com>
Date: Sat, 28 Mar 2026 07:17:52 +0100
Subject: [PATCH] Removed some troubling settings

---
 README.md     | 42 +-----------------------------------------
 entrypoint.sh | 24 +-----------------------
 2 files changed, 2 insertions(+), 64 deletions(-)

diff --git a/README.md b/README.md
index 057d427..43ddf31 100644
--- a/README.md
+++ b/README.md
@@ -97,16 +97,7 @@ OPENDKIM_TRUSTANCHORFILE=""
 OPENDKIM_INTERNALHOSTS="127.0.0.1,localhost,127.0.0.0/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8"
 
 # ExternalIgnoreList value for OpenDKIM.
-OPENDKIM_EXTERNALIGNORELIST="refile:/etc/opendkim/TrustedHosts"
-
-# Path to file used for InternalHosts.
-OPENDKIM_INTERNALHOSTS_FILE="/etc/opendkim/TrustedHosts"
-
-# Path to KeyTable.
-OPENDKIM_KEYTABLE="/etc/opendkim/KeyTable"
-
-# Path to SigningTable.
-OPENDKIM_SIGNINGTABLE="refile:/etc/opendkim/SigningTable"
+OPENDKIM_EXTERNALIGNORELIST=""
 
 # PID file path.
 OPENDKIM_PIDFILE="/run/opendkim/opendkim.pid"
@@ -148,7 +139,6 @@ At startup the container:
 - creates OpenDKIM runtime directories
 - copies the mounted private key to `/var/opendkim/dkim.private`
 - sets secure ownership and permissions on the copied key
-- generates `TrustedHosts`, `KeyTable`, and `SigningTable` if they are empty
 - generates `/etc/opendkim.conf` from environment variables
 - starts OpenDKIM using `/etc/opendkim.conf`
 
@@ -163,36 +153,6 @@ The entrypoint generates these files automatically:
 /var/opendkim/dkim.private
 ```
 
-# Default generated tables
-For example, with:
-
-```sh
-OPENDKIM_DOMAIN=example.com
-OPENDKIM_SELECTOR=dkim
-```
-
-the generated files look like this:
-
-## /etc/opendkim/KeyTable
-```txt
-dkim._domainkey.example.com example.com:dkim:/var/opendkim/dkim.private
-```
-
-## /etc/opendkim/SigningTable
-```txt
-*@example.com dkim._domainkey.example.com
-```
-
-## /etc/opendkim/TrustedHosts
-```txt
-127.0.0.1
-localhost
-127.0.0.0/8
-192.168.0.0/16
-172.16.0.0/12
-10.0.0.0/8
-```
-
 # Postfix example
 Example Postfix settings when OpenDKIM runs in another container named `opendkim`:
 
diff --git a/entrypoint.sh b/entrypoint.sh
index 01ac367..369e71e 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -63,31 +63,11 @@ if [ ! -s /etc/opendkim/TrustedHosts ]; then
   printf '%s\n' "${OPENDKIM_INTERNALHOSTS}" | tr ',' '\n' > /etc/opendkim/TrustedHosts
 fi
 
-# Generate KeyTable from env if file is empty.
-if [ ! -s /etc/opendkim/KeyTable ]; then
-  printf '%s._domainkey.%s %s:%s:/var/opendkim/dkim.private\n' \
-    "${OPENDKIM_SELECTOR}" \
-    "${OPENDKIM_DOMAIN}" \
-    "${OPENDKIM_DOMAIN}" \
-    "${OPENDKIM_SELECTOR}" \
-    > /etc/opendkim/KeyTable
-fi
-
-# Generate SigningTable from env if file is empty.
-if [ ! -s /etc/opendkim/SigningTable ]; then
-  printf '*@%s %s._domainkey.%s\n' \
-    "${OPENDKIM_DOMAIN}" \
-    "${OPENDKIM_SELECTOR}" \
-    "${OPENDKIM_DOMAIN}" \
-    > /etc/opendkim/SigningTable
-fi
-
-chown "${OPENDKIM_USER}:${OPENDKIM_GROUP}" /etc/opendkim/TrustedHosts /etc/opendkim/KeyTable /etc/opendkim/SigningTable
-
 cat > /etc/opendkim.conf <<EOF
 Syslog                  yes
 LogWhy                  yes
 UMask                   ${OPENDKIM_UMASK}
+Domain                  ${OPENDKIM_DOMAIN}
 Canonicalization        ${OPENDKIM_CANONICALIZATION}
 Mode                    ${OPENDKIM_MODE}
 SubDomains              ${OPENDKIM_SUBDOMAINS}
@@ -95,8 +75,6 @@ OversignHeaders         ${OPENDKIM_OVERSIGNHEADERS}
 UserID                  ${OPENDKIM_USERID}
 Socket                  ${OPENDKIM_SOCKET}
 PidFile                 ${OPENDKIM_PIDFILE}
-KeyTable                ${OPENDKIM_KEYTABLE}
-SigningTable            ${OPENDKIM_SIGNINGTABLE}
 InternalHosts           ${OPENDKIM_INTERNALHOSTS}
 AutoRestart             ${OPENDKIM_AUTO_RESTART}
 AutoRestartRate         ${OPENDKIM_AUTO_RESTART_RATE}