Some modifications to @mback2k's smtp-dkim-signer. The changes here mainly does the following:
- Allows usage of a different
Domain
for LetsEncrypt verification; - GitHub Actions CI;
- SMTP Username whitelisting.
An updated config would look like the following:
Address: "<if you expose this server, change this address>:25"
Domain: "<your domain>"
LetsEncrypt:
Agreed: true
Contact: your-name@your-domain.tld
Challenge: http
ChallengeDomain: <can be a different domain than the Domain paramter above>
ChallengePort: 80
VirtualHosts:
- Domain: <should be the same as the address behind '@', like gmail.com or yahoo.com>
SelectorDomain: "<your domain>"
SecurityLevel: <0 or 1, 0 for TLS, 1 for StartTLS>
Upstream: "your-upstream-smtp:465"
Selector: "your-dkim-selector"
PrivKeyPath: "your-private-key-file" OR |
your-private-key-data
HeaderCan: "relaxed"
BodyCan: "simple"
Whitelisted: ["<email addresses allowed to login to this proxy. leave blank for no email addresses>"]
HeaderKeys:
- "From"
- "Reply-To"
- "Subject"
- "Date"
- "To"
- "Cc"
- "In-Reply-To"
- "References"
- "Message-ID"
- "Resent-Date"
- "Resent-From"
- "Resent-To"
- "Resent-Cc"
# optional:
Rollbar:
AccessToken: "your-rollbar-access-token"
Environment: production
Copyright (C) 2021, James for any changes made by me.
The original README starts below this section.
This Go program is a SMTP-proxy that DKIM-signs e-mails before submission to an upstream SMTP-server.
Special thanks to @emersion for creating and providing the following Go libraries that are the main building blocks of this program:
- https://github.com/emersion/go-smtp
- https://github.com/emersion/go-smtp-proxy
- https://github.com/emersion/go-dkim
Additional dependencies are the following awesome Go libraries:
You basically have two options to install this Go program package:
- If you have Go installed and configured on your PATH, just do the following go get inside your GOPATH to get the latest version:
go get -u github.com/mback2k/smtp-dkim-signer
- If you do not have Go installed and just want to use a released binary, then you can just go ahead and download a pre-compiled Linux amd64 binary from the Github releases.
Finally put the smtp-dkim-signer binary onto your PATH and make sure it is executable.
The following YAML file is an example configuration with one virtual host:
Address: "localhost:25"
Domain: "localhost"
LetsEncrypt:
Agreed: true
Contact: your-name@your-domain.tld
Challenge: http
ChallengePort: 80
VirtualHosts:
- Domain: your-domain.tld
Upstream: "your-upstream-smtp:465"
Selector: "your-dkim-selector"
PrivKeyPath: "your-private-key-file" OR |
your-private-key-data
HeaderCan: "relaxed"
BodyCan: "simple"
HeaderKeys:
- "From"
- "Reply-To"
- "Subject"
- "Date"
- "To"
- "Cc"
- "In-Reply-To"
- "References"
- "Message-ID"
- "Resent-Date"
- "Resent-From"
- "Resent-To"
- "Resent-Cc"
# optional:
Rollbar:
AccessToken: "your-rollbar-access-token"
Environment: production
Save this file in one of the following locations and run ./smtp-dkim-signer
:
- /etc/smtp-dkim-signer/smtp-dkim-signer.yaml
- $HOME/.smtp-dkim-signer.yaml
- $PWD/smtp-dkim-signer.yaml
Copyright (C) 2018 - 2020, Marc Hoersken info@marc-hoersken.de
This software is licensed as described in the file LICENSE, which you should have received as part of this software distribution.
All trademarks are the property of their respective owners.