39 lines
1.3 KiB
Django/Jinja
39 lines
1.3 KiB
Django/Jinja
# {{ ansible_managed }}
|
|
|
|
# This is a basic configuration that can easily be adapted to suit a standard
|
|
# installation. For more advanced options, see opendkim.conf(5) and/or
|
|
# /usr/share/doc/opendkim/examples/opendkim.conf.sample.
|
|
|
|
Syslog yes
|
|
LogWhy yes
|
|
PidFile /var/run/opendkim/opendkim.pid
|
|
Socket local:/var/spool/postfix/opendkim/opendkim.sock
|
|
UMask 002
|
|
UserID opendkim
|
|
|
|
# Map domains in From addresses to keys used to sign messages
|
|
KeyTable file:/etc/opendkim/key.table
|
|
SigningTable file:/etc/opendkim/signing.table
|
|
|
|
# Hosts to ignore when verifying signatures
|
|
ExternalIgnoreList /etc/opendkim/trusted.hosts
|
|
InternalHosts /etc/opendkim/trusted.hosts
|
|
|
|
# Commonly-used options; the commented-out versions show the defaults.
|
|
Canonicalization relaxed/simple
|
|
Mode sv
|
|
SubDomains yes
|
|
#ADSPAction continue
|
|
AutoRestart yes
|
|
AutoRestartRate 10/1M
|
|
Background yes
|
|
DNSTimeout 5
|
|
SignatureAlgorithm rsa-sha256
|
|
|
|
# Always oversign From (sign using actual From and a null From to prevent
|
|
# malicious signatures header fields (From and/or others) between the signer
|
|
# and the verifier. From is oversigned by default in the Debian package
|
|
# because it is often the identity key used by reputation systems and thus
|
|
# somewhat security sensitive.
|
|
OversignHeaders From
|