search

namshi / docker-smtp

SMTP docker container
MIT License
549 stars 198 forks source link

add dkim support #22

Open domdorn opened 7 years ago

domdorn commented 7 years ago

awesome image. the only thing missing for me at the moment is DKIM support. I found this article, that describes on how to setup it. Do you have a suggestion what would be the best way to incorporate it into your image? Then I could try to do that during the weekend.

avoidik commented 7 years ago

It's already there

    volumes:
      - ./dkim/config:/etc/exim4/_docker_additional_macros:ro
      - ./dkim/domain.key:/etc/exim4/domain.key:ro

and:

$ cat ./dkim/config
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_KEY_FILE = /etc/exim4/domain.key
DKIM_PRIVATE_KEY = ${if exists{DKIM_KEY_FILE}{DKIM_KEY_FILE}{0}}
DKIM_SELECTOR = mail
DKIM_CANON = simple

Then configure TXT records on DNS server and voila!

olexatourko commented 6 years ago

~Hey avoidik, I generated a public/private keys and set up TXT records as described here, but don't understand what to do with your comment. Can you point me in the right direction? Thanks.~

Nevermind, I think I get it. ./dkim/domain.key is my private key, and DKIM_SELECTOR is my selector.

avoidik commented 6 years ago

Hi,

Add new file named dkim/config and tune volumes in your docker-compose file as shown above. This way new configuration will be appended to existing one through _docker_additional_macros

timothyclarke commented 4 years ago

If you're going to have multiple domains (as implied by DKIM_DOMAIN = ${lc:${domain:$h_from:}}) you probably want multiple keys and then DKIM_KEY_FILE = /etc/exim4/$dkim_domain.key to select the correct file (containing the key)

Personally I use DKIM_KEY_FILE = /etc/exim4/$dkim_selector.$dkim_domain.key with DKIM_SELECTOR being a date stamp eg 20200103 so I can rotate keys (you may need to put DKIM_SELECTOR above DKIM_KEY_FILE for it to fully work)

hanrok commented 3 years ago

It's already there

    volumes:
      - ./dkim/config:/etc/exim4/_docker_additional_macros:ro
      - ./dkim/domain.key:/etc/exim4/domain.key:ro

and:

$ cat ./dkim/config
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_KEY_FILE = /etc/exim4/domain.key
DKIM_PRIVATE_KEY = ${if exists{DKIM_KEY_FILE}{DKIM_KEY_FILE}{0}}
DKIM_SELECTOR = mail
DKIM_CANON = simple

Then configure TXT records on DNS server and voila!

don't know how to thank you. I found nothing except this comment for solving my issue! Thanks a lot!

wiesys commented 1 year ago

This is great indeed, thank you! :)

One addition (maybe this will help someone): Make sure, that the domain.key (e.g ./dkim/domain.key) has at least 644 permissions because the file in docker volume is mounted as root:root, and the exim4 user can't access the file if the permissions are e.g. 600 (which actually would be a “best practice”).

Maybe there's a better solution to solve the permissions issue? Is it possible to change the owner of the file to Debian-exim in the docker-compose.yml file?

yanokwa commented 11 months ago

@wiesys I've added a PR at https://github.com/ix-ai/smtp/pull/27 that fixes this issue in a https://github.com/ix-ai/smtp, a more active fork of this repo. I'd love a review.