lostakj/opendkim-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Removed some troubling settings

Browse Source
This commit is contained in:
Jan Lošťák
2026-03-28 07:17:52 +01:00
parent 13666124f8
commit 04384fbb7d
2 changed files with 2 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
README.md
View File

@@ -97,16 +97,7 @@ OPENDKIM_TRUSTANCHORFILE=""
OPENDKIM_INTERNALHOSTS="127.0.0.1,localhost,127.0.0.0/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8" OPENDKIM_INTERNALHOSTS="127.0.0.1,localhost,127.0.0.0/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8"
# ExternalIgnoreList value for OpenDKIM. # ExternalIgnoreList value for OpenDKIM.
OPENDKIM_EXTERNALIGNORELIST="refile:/etc/opendkim/TrustedHosts" OPENDKIM_EXTERNALIGNORELIST=""
# Path to file used for InternalHosts.
OPENDKIM_INTERNALHOSTS_FILE="/etc/opendkim/TrustedHosts"
# Path to KeyTable.
OPENDKIM_KEYTABLE="/etc/opendkim/KeyTable"
# Path to SigningTable.
OPENDKIM_SIGNINGTABLE="refile:/etc/opendkim/SigningTable"
# PID file path. # PID file path.
OPENDKIM_PIDFILE="/run/opendkim/opendkim.pid" OPENDKIM_PIDFILE="/run/opendkim/opendkim.pid"
@@ -148,7 +139,6 @@ At startup the container:
- creates OpenDKIM runtime directories - creates OpenDKIM runtime directories
- copies the mounted private key to `/var/opendkim/dkim.private` - copies the mounted private key to `/var/opendkim/dkim.private`
- sets secure ownership and permissions on the copied key - sets secure ownership and permissions on the copied key
- generates `TrustedHosts`, `KeyTable`, and `SigningTable` if they are empty
- generates `/etc/opendkim.conf` from environment variables - generates `/etc/opendkim.conf` from environment variables
- starts OpenDKIM using `/etc/opendkim.conf` - starts OpenDKIM using `/etc/opendkim.conf`
@@ -163,36 +153,6 @@ The entrypoint generates these files automatically:
/var/opendkim/dkim.private /var/opendkim/dkim.private
``` ```
# Default generated tables
For example, with:
```sh
OPENDKIM_DOMAIN=example.com
OPENDKIM_SELECTOR=dkim
```
the generated files look like this:
## /etc/opendkim/KeyTable
```txt
dkim._domainkey.example.com example.com:dkim:/var/opendkim/dkim.private
```
## /etc/opendkim/SigningTable
```txt
*@example.com dkim._domainkey.example.com
```
## /etc/opendkim/TrustedHosts
```txt
127.0.0.1
localhost
127.0.0.0/8
192.168.0.0/16
172.16.0.0/12
10.0.0.0/8
```
# Postfix example # Postfix example
Example Postfix settings when OpenDKIM runs in another container named `opendkim`: Example Postfix settings when OpenDKIM runs in another container named `opendkim`:

24
entrypoint.sh
View File

@@ -63,31 +63,11 @@ if [ ! -s /etc/opendkim/TrustedHosts ]; then
printf '%s\n' "${OPENDKIM_INTERNALHOSTS}" | tr ',' '\n' > /etc/opendkim/TrustedHosts printf '%s\n' "${OPENDKIM_INTERNALHOSTS}" | tr ',' '\n' > /etc/opendkim/TrustedHosts
fi fi
# Generate KeyTable from env if file is empty.
if [ ! -s /etc/opendkim/KeyTable ]; then
printf '%s._domainkey.%s %s:%s:/var/opendkim/dkim.private\n' \
"${OPENDKIM_SELECTOR}" \
"${OPENDKIM_DOMAIN}" \
"${OPENDKIM_DOMAIN}" \
"${OPENDKIM_SELECTOR}" \
> /etc/opendkim/KeyTable
fi
# Generate SigningTable from env if file is empty.
if [ ! -s /etc/opendkim/SigningTable ]; then
printf '*@%s %s._domainkey.%s\n' \
"${OPENDKIM_DOMAIN}" \
"${OPENDKIM_SELECTOR}" \
"${OPENDKIM_DOMAIN}" \
> /etc/opendkim/SigningTable
fi
chown "${OPENDKIM_USER}:${OPENDKIM_GROUP}" /etc/opendkim/TrustedHosts /etc/opendkim/KeyTable /etc/opendkim/SigningTable
cat > /etc/opendkim.conf <<EOF cat > /etc/opendkim.conf <<EOF
Syslog yes Syslog yes
LogWhy yes LogWhy yes
UMask ${OPENDKIM_UMASK} UMask ${OPENDKIM_UMASK}
Domain ${OPENDKIM_DOMAIN}
Canonicalization ${OPENDKIM_CANONICALIZATION} Canonicalization ${OPENDKIM_CANONICALIZATION}
Mode ${OPENDKIM_MODE} Mode ${OPENDKIM_MODE}
SubDomains ${OPENDKIM_SUBDOMAINS} SubDomains ${OPENDKIM_SUBDOMAINS}
@@ -95,8 +75,6 @@ OversignHeaders ${OPENDKIM_OVERSIGNHEADERS}
UserID ${OPENDKIM_USERID} UserID ${OPENDKIM_USERID}
Socket ${OPENDKIM_SOCKET} Socket ${OPENDKIM_SOCKET}
PidFile ${OPENDKIM_PIDFILE} PidFile ${OPENDKIM_PIDFILE}
KeyTable ${OPENDKIM_KEYTABLE}
SigningTable ${OPENDKIM_SIGNINGTABLE}
InternalHosts ${OPENDKIM_INTERNALHOSTS} InternalHosts ${OPENDKIM_INTERNALHOSTS}
AutoRestart ${OPENDKIM_AUTO_RESTART} AutoRestart ${OPENDKIM_AUTO_RESTART}
AutoRestartRate ${OPENDKIM_AUTO_RESTART_RATE} AutoRestartRate ${OPENDKIM_AUTO_RESTART_RATE}