Jan Lošťák df1e422a63
Added workflow
2026-03-27 04:33:13 +01:00

Building the image

docker build --rm -t opendkim:latest .

Generating private key

Before running the container, the private key must either be generated using opendkim-genkey or supplied.

# Generate private key.
opendkim-genkey --bits=2048 --selector=dkim --restrict --verbose

# Get the public key value for the DNS record.
cat dkim.txt | tr -d "\"\n\" \t" | sed -r "s/.*\((.*)\).*/\\1\n/"
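
The one-liner above prints the record value with all whitespace removed. As an added example (not part of this repository), the script below extracts the same value from dkim.txt, checks it before it is published, and splits it into strings of at most 255 bytes. The function names and the sample record are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and the sample record are constructed here.

# Join every quoted string of the zone-file record into one TXT value.
dkim_txt_value() {
    grep -o '"[^"]*"' "$1" | tr -d '"\n'
}

# Return 0 if the value is publishable; otherwise explain on stderr, return 1.
dkim_check_value() {
    case $1 in
        v=DKIM1\;*) ;;
        *) echo "v=DKIM1 must be the first tag" >&2; return 1 ;;
    esac
    # Isolate the p= tag (the base64 public key).
    p=$(printf '%s' "$1" | tr -d ' \t' | tr ';' '\n' | sed -n 's/^p=//p')
    if [ -z "$p" ]; then
        echo "missing or empty p= tag (an empty p= marks the key as revoked)" >&2
        return 1
    fi
    case $p in
        *[!A-Za-z0-9+/=]*) echo "p= contains non-base64 characters" >&2; return 1 ;;
    esac
    return 0
}

# Split the value into quoted strings of at most 255 bytes, the limit for a
# single string inside a DNS TXT record.
dkim_txt_chunks() {
    printf '%s\n' "$1" | fold -w 255 | sed 's/.*/"&"/'
}

# Constructed sample in the layout opendkim-genkey writes to dkim.txt.
write_sample() {
    cat > "$1" <<'EOF'
dkim._domainkey IN TXT ( "v=DKIM1; h=sha256; k=rsa; s=email; "
      "p=Q09OU1RSVUNU"
      "RURLRVk=" )  ; ----- DKIM key dkim for example.com
EOF
}

sample=$(mktemp)
write_sample "$sample"
record=$(dkim_txt_value "$sample")
dkim_check_value "$record" && dkim_txt_chunks "$record"
rm -f "$sample"
```

A 2048-bit key produces a value longer than 255 characters, so the chunked form is what goes into a zone file. DNS joins the strings back together without separators.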

Running the image

docker run -it --rm --name opendkim -p 8892:8892 -v /path/dkim.private:/opt/opendkim/keys/dkim.private opendkim:latest

Environment variables

These are the default values; each can be overridden by declaring the environment variable with another value.

# Attempts to become the specified userid before starting operations. The value is of the form userid[:group].
OPENDKIM_USERID="opendkim"

# Specifies the socket that should be established by the filter to receive connections.
OPENDKIM_SOCKET="inet:8892@0.0.0.0"

# A set of domains whose mail should be signed by this filter.
OPENDKIM_DOMAIN="*"

# Gives the location of a PEM-formatted private key to be used for signing all messages. Ignored if a KeyTable is defined.
OPENDKIM_KEYFILE="/opt/opendkim/keys/dkim.private"

# Defines the name of the selector to be used when signing messages.
OPENDKIM_SELECTOR="dkim"

# Selects the canonicalization method(s) to be used when signing messages.
OPENDKIM_CANONICALIZATION="relaxed/simple"

# Selects operating modes. The string is a concatenation of characters
# that indicate which mode(s) of operation are desired. Valid modes are s (signer) and v (verifier).
OPENDKIM_MODE="sv"

# Sign subdomains of those listed by the Domain parameter as well as the actual domains.
OPENDKIM_SUBDOMAINS="true"

# Specifies a set of header fields that should be included in all signature header lists (the "h=" tag) 
# once more than the number of times they were actually present in the signed message.
OPENDKIM_OVERSIGNHEADERS="From"

# Specifies a file from which trust anchor data should be read when doing DNS queries and applying the DNSSEC protocol.
OPENDKIM_TRUSTANCHORFILE="/usr/share/dns/root.key"

# Identifies a set of internal hosts whose mail should be signed rather than verified.
OPENDKIM_INTERNALHOSTS="127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8"
Description
Dockerized OpenDKIM service for signing outgoing mail with DKIM.
Readme MIT 29 KiB