initial upload

roles/postfix/templates/etc_opendkim.conf.j2

@@ -0,0 +1,38 @@
+# {{ ansible_managed }}
+
+# This is a basic configuration that can easily be adapted to suit a standard
+# installation. For more advanced options, see opendkim.conf(5) and/or
+# /usr/share/doc/opendkim/examples/opendkim.conf.sample.
+
+Syslog          yes
+LogWhy          yes
+PidFile         /var/run/opendkim/opendkim.pid
+Socket          local:/var/spool/postfix/opendkim/opendkim.sock
+UMask           002
+UserID          opendkim
+
+# Map domains in From addresses to keys used to sign messages
+KeyTable        file:/etc/opendkim/key.table
+SigningTable    file:/etc/opendkim/signing.table
+
+# Hosts to ignore when verifying signatures
+ExternalIgnoreList /etc/opendkim/trusted.hosts
+InternalHosts      /etc/opendkim/trusted.hosts
+
+# Commonly-used options; the commented-out versions show the defaults.
+Canonicalization    relaxed/simple
+Mode            sv
+SubDomains      yes
+#ADSPAction     continue
+AutoRestart     yes
+AutoRestartRate 10/1M
+Background      yes
+DNSTimeout      5
+SignatureAlgorithm  rsa-sha256
+
+# Always oversign From (sign using actual From and a null From to prevent
+# malicious signatures header fields (From and/or others) between the signer
+# and the verifier.  From is oversigned by default in the Debian package
+# because it is often the identity key used by reputation systems and thus
+# somewhat security sensitive.
+OversignHeaders     From