Rspamd DKIM
Version vom 9. Juni 2026, 14:45 Uhr von Thomas.will (Diskussion | Beiträge)
dkim/mail.key
- cat dkim/mail.key
-----BEGIN PRIVATE KEY----- MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMat5xX+TcQvePUD LedhtSxwVDYut+bFuxwXauzi6Dy6tyPUwqTaTDw5rtk6BzCrAbntRMLBJ+2dsp54 RUu06Xq8CWImL2vzk+W8lTBzBts5YuPWIgSoaSBe4KdwSek4opXUj+lGuyaQqM7N seKXsAVmYfndCjT8BOYNctrPpcYzAgMBAAECgYBwJ9N/suMrkLDzfyv2pk2kHHUt cQoXmB+cKAwQVbdMMQsZiw2mCiVnChkOP5e3fZGn560dU/S6Sn9+vd5Acowp4iy7 RGMV9vpAkEdjLJfns1ApKnup1OPX0TeXXOZCSFvt4vVgbxJq7B1k+J0fndIvad2m 3KlQaKxOVYUDinFhYQJBAOetbVo8FSoj/vqe1xT6WynIFPp3626nLRHg68PxoyN1 tnHeCUp/iMD2eiwF5OZXXb4v3KdEz5G6MFx6QoWVK9cCQQDbiZ22O/OZlEY7Rzrd mTdwAq7JsfwalHEXzf2Snr/StBhUB70GJlhuWTm2xrMF5GVdwqy8UNyO4MpTss9D Tg0FAkAMvYjJ8YvoaVpYRevmB26D+bDNpVKZHzBnT0sn1131UT/bOy6fnivTELrf OOPBlwRctR0ZRbt0dBy8uSx3VCC5AkEAvI7xT5EkhFdPDyD51VUAwYr8Vy4w6x9u F1UMoz8IYM/gSWQwHTUYJQcrw+nb34aw7ZwEQuZs2acHAGaHEDbchQJALs9gu/zn cnMIb4svI9Ki7THA4wxilVb2/zDtpNveoCLKO6q4nFyWY39x8aiIZ7s08IMZkMGd A73APthLPbsVjw== -----END PRIVATE KEY-----
dkim/mail.txt
- cat dkim/mail.txt
mail._domainkey IN TXT ( "v=DKIM1; k=rsa;" "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGrecV/k3EL3j1Ay3nYbUscFQ2LrfmxbscF2rs4ug8urcj1MKk2kw8Oa7ZOgcwqwG57UTCwSftnbKeeEVLtOl6vAliJi9r85PlvJUwcwbbOWLj1iIEqGkgXuCncEnpOKKV1I/pRrsmkKjOzbHil7AFZmH53Qo0/ATmDXLaz6XGMwIDAQAB" ) ;
local.d/dkim_signing.conf
- cat local.d/dkim_signing.conf
# /etc/rspamd/local.d/dkim_signing.conf
# Enable DKIM signing
enabled = true;
# Default signing configuration
domain {
it.int {
selector = "mail";
path = "/etc/rspamd/dkim/mail.key";
}
}
use_domain = "header";
allow_username_mismatch = true;
# Sign outbound mail only
sign_authenticated = true;
sign_local = true;
sign_inbound = false;
# Default settings
use_esld = true;
check_pubkey = true;
local.d/logging.inc
- cat local.d/logging.inc
level = "debug"; debug_modules = ["dkim_signing"];
local.d/redis.conf
- cat local.d/redis.conf
servers = "127.0.0.1:6379";
override.d/antivirus.conf
- cat override.d/antivirus.conf
# Antivirus-Modul aktivieren
enabled = true;
clamav {
# ClamAV als Virenscanner
type = "clamav";
# Symbol das gesetzt wird wenn ein Virus gefunden wurde
symbol = "CLAM_VIRUS";
# Verbindung zum ClamAV-Daemon ueber Unix-Socket
servers = "/var/run/clamav/clamd.ctl";
# Auch Text-MIME-Parts scannen (nicht nur Anhaenge)
scan_text_mime = true;
# Alle MIME-Teile einzeln scannen
scan_mime_parts = true;
# Auch sehr kleine Dateien scannen (kein Mindest-Limit)
min_size = 0;
# Auch Mails ohne Authentifizierung scannen
scan_unauthenticated = true;
# Streaming-Modus - Mail wird direkt waehrend Empfang gescannt
stream = true;
# Score von 20 bei Fund - reicht alleine fuer reject (Schwelle 15)
score = 20.0;
}
override.d/worker-controller.inc
- cat override.d/worker-controller.inc
password = "$2$jm57o86qgm1x5p37ka4g8eq5d9erch7w$um5ez3jyzh93mt5y9fsusbke7cq7pxhuk3radsk94ty7yaiuxnqb"; bind_socket = "*:11334";
root@dnsgw:/etc/rspamd#
root@dnsgw:/etc/rspamd#
root@dnsgw:/etc/rspamd# vi +4 /usr/local/bin/make-wiki.sh
root@dnsgw:/etc/rspamd# make-wiki.sh dat.list
dkim/mail.key
- cat dkim/mail.key
-----BEGIN PRIVATE KEY----- MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMat5xX+TcQvePUD LedhtSxwVDYut+bFuxwXauzi6Dy6tyPUwqTaTDw5rtk6BzCrAbntRMLBJ+2dsp54 RUu06Xq8CWImL2vzk+W8lTBzBts5YuPWIgSoaSBe4KdwSek4opXUj+lGuyaQqM7N seKXsAVmYfndCjT8BOYNctrPpcYzAgMBAAECgYBwJ9N/suMrkLDzfyv2pk2kHHUt cQoXmB+cKAwQVbdMMQsZiw2mCiVnChkOP5e3fZGn560dU/S6Sn9+vd5Acowp4iy7 RGMV9vpAkEdjLJfns1ApKnup1OPX0TeXXOZCSFvt4vVgbxJq7B1k+J0fndIvad2m 3KlQaKxOVYUDinFhYQJBAOetbVo8FSoj/vqe1xT6WynIFPp3626nLRHg68PxoyN1 tnHeCUp/iMD2eiwF5OZXXb4v3KdEz5G6MFx6QoWVK9cCQQDbiZ22O/OZlEY7Rzrd mTdwAq7JsfwalHEXzf2Snr/StBhUB70GJlhuWTm2xrMF5GVdwqy8UNyO4MpTss9D Tg0FAkAMvYjJ8YvoaVpYRevmB26D+bDNpVKZHzBnT0sn1131UT/bOy6fnivTELrf OOPBlwRctR0ZRbt0dBy8uSx3VCC5AkEAvI7xT5EkhFdPDyD51VUAwYr8Vy4w6x9u F1UMoz8IYM/gSWQwHTUYJQcrw+nb34aw7ZwEQuZs2acHAGaHEDbchQJALs9gu/zn cnMIb4svI9Ki7THA4wxilVb2/zDtpNveoCLKO6q4nFyWY39x8aiIZ7s08IMZkMGd A73APthLPbsVjw== -----END PRIVATE KEY-----
dkim/mail.txt
- cat dkim/mail.txt
mail._domainkey IN TXT ( "v=DKIM1; k=rsa;" "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGrecV/k3EL3j1Ay3nYbUscFQ2LrfmxbscF2rs4ug8urcj1MKk2kw8Oa7ZOgcwqwG57UTCwSftnbKeeEVLtOl6vAliJi9r85PlvJUwcwbbOWLj1iIEqGkgXuCncEnpOKKV1I/pRrsmkKjOzbHil7AFZmH53Qo0/ATmDXLaz6XGMwIDAQAB" ) ;
local.d/dkim_signing.conf
- cat local.d/dkim_signing.conf
# /etc/rspamd/local.d/dkim_signing.conf
# Enable DKIM signing
enabled = true;
# Default signing configuration
domain {
it.int {
selector = "mail";
path = "/etc/rspamd/dkim/mail.key";
}
}
use_domain = "header";
allow_username_mismatch = true;
# Sign outbound mail only
sign_authenticated = true;
sign_local = true;
sign_inbound = false;
# Default settings
use_esld = true;
check_pubkey = true;
local.d/logging.inc
- cat local.d/logging.inc
level = "debug"; debug_modules = ["dkim_signing"];
local.d/redis.conf
- cat local.d/redis.conf
servers = "127.0.0.1:6379";
override.d/antivirus.conf
- cat override.d/antivirus.conf
# Antivirus-Modul aktivieren
enabled = true;
clamav {
# ClamAV als Virenscanner
type = "clamav";
# Symbol das gesetzt wird wenn ein Virus gefunden wurde
symbol = "CLAM_VIRUS";
# Verbindung zum ClamAV-Daemon ueber Unix-Socket
servers = "/var/run/clamav/clamd.ctl";
# Auch Text-MIME-Parts scannen (nicht nur Anhaenge)
scan_text_mime = true;
# Alle MIME-Teile einzeln scannen
scan_mime_parts = true;
# Auch sehr kleine Dateien scannen (kein Mindest-Limit)
min_size = 0;
# Auch Mails ohne Authentifizierung scannen
scan_unauthenticated = true;
# Streaming-Modus - Mail wird direkt waehrend Empfang gescannt
stream = true;
# Score von 20 bei Fund - reicht alleine fuer reject (Schwelle 15)
score = 20.0;
}
override.d/worker-controller.inc
- cat override.d/worker-controller.inc
password = "$2$jm57o86qgm1x5p37ka4g8eq5d9erch7w$um5ez3jyzh93mt5y9fsusbke7cq7pxhuk3radsk94ty7yaiuxnqb"; bind_socket = "*:11334";