Permalink
Browse files

opendkim: import from EPEL

  • Loading branch information...
1 parent b297f66 commit 7d4622fc94e874163d88d6ba17c3594570ebb7ac @kou kou committed May 6, 2012
@@ -0,0 +1,94 @@
+--- opendkim-2.4.2/contrib/init/redhat/opendkim.in 2011-08-05 21:09:35.000000000 -0700
++++ opendkim-2.4.2p/contrib/init/redhat/opendkim.in 2011-09-22 10:59:20.765451439 -0700
+@@ -2,7 +2,7 @@
+ #
+ # opendkim Start and stop OpenDKIM.
+
+-# chkconfig: 2345 41 61
++# chkconfig: - 41 59
+ # description: OpenDKIM implements the DomainKeys Identified Mail (DKIM)
+ # service and a milter-based filter application that can plug
+ # in to any milter-aware MTA.
+@@ -11,33 +11,73 @@
+
+ ### BEGIN INIT INFO
+ # Provides: opendkim
+-# Required-Start: opendkim
+-# Required-Stop: opendkim
+ # Short-Description: Start and stop OpenDKIM
+ # Description: OpenDKIM implements the DomainKeys Identified Mail
+ # (DKIM) service and a milter-based filter application
+ # that can plug in to any milter-aware MTA.
+ ### END INIT INFO
+
+-# OpenDKIM startup script v1.3 for RHEL/CentOS/Fedora
+-# by Steve Jenkins (SteveJenkins.com) - 02-15-2011
+-# Based on a script by Andrew Colin Kissa (TopDog) for dkim-milter - 28-05-2009
++# OpenDKIM startup script v1.7 for RHEL/CentOS/Fedora
++# by Steve Jenkins (SteveJenkins.com) - 09-22-2011
++# Based on a script by Andrew Colin Kissa (TopDog) for dkim-milter - 05-28-2009
+ # - Additional functionality to prevent multiple instances and a reload
+-# handler by Chris LaJoie - 11-01-2011
++# handler by Chris LaJoie - 01-11-2011
+ # - Added notification (along with with current PID) if "start" is issued when
+ # OpenDKIM is already running - 02-15-2011
++# - Added support to generate default keys on start - 08-22-2011
++# - Added support for /etc/sysconfig/opendkim override of default init script
++# setup parameters - 09-19-2011
++# - Changed default stop priority - 09-19-2011
++# - Updated success and warning outputs for default key generation - 09-20-2011
++# - Changed default key directory ownership and permissions - 09-22-2011
+
+ . /etc/rc.d/init.d/functions
+
+ prefix=@prefix@
+ exec_prefix=@exec_prefix@
+
+-DAEMON=@sbindir@/opendkim
+-CONF_FILE=@sysconfdir@/opendkim.conf
+-PID_FILE=@localstatedir@/run/opendkim/opendkim.pid
+ RETVAL=0
++prog="opendkim"
++
++DAEMON=@sbindir@/$prog
++CONF_FILE=@sysconfdir@/$prog.conf
++PID_FILE=@localstatedir@/run/$prog/$prog.pid
++KEYGEN=@exec_prefix@/bin/opendkim-genkey
++DKIM_KEYDIR=@sysconfdir@/$prog/keys
++DKIM_SELECTOR=default
++AUTOCREATE_DKIM_KEYS=yes
++
++if [ -f /etc/sysconfig/opendkim ]; then
++ . /etc/sysconfig/opendkim
++fi
++
++do_dkim_keygen() {
++ if [ ! -s $DKIM_KEYDIR/$DKIM_SELECTOR.private ]; then
++ echo -n $"Generating default DKIM keys: "
++ if [ "x`hostname --domain`" = "x" ]; then
++ echo_warning
++ echo
++ echo $"Cannot determine host's domain name, so skipping default key generation."
++ else
++ mkdir -p $DKIM_KEYDIR
++ $KEYGEN -D $DKIM_KEYDIR -s $DKIM_SELECTOR -d `hostname --domain`
++ chown root:$prog $DKIM_KEYDIR
++ chown $prog:$prog $DKIM_KEYDIR/$DKIM_SELECTOR.{private,txt}
++ chmod 600 $DKIM_KEYDIR/$DKIM_SELECTOR.private
++ chmod 644 $DKIM_KEYDIR/$DKIM_SELECTOR.txt
++ echo_success
++ echo
++ echo Default DKIM keys for `hostname --domain` created in $DKIM_KEYDIR.
++ fi
++ fi
++}
+
+ start() {
++ # Create keys if necessary
++ if [ "x${AUTOCREATE_DKIM_KEYS}" != xNO ]; then
++ do_dkim_keygen
++ fi
++
+ echo -n $"Starting OpenDKIM Milter: "
+ if [ -f $PID_FILE ]; then
+ PID=`cat $PID_FILE`
@@ -0,0 +1,245 @@
+--- opendkim-2.4.2/INSTALL 2011-07-12 22:53:43.000000000 -0700
++++ opendkim-2.4.2-patches/INSTALL 2011-08-22 21:15:28.535480182 -0700
+@@ -6,11 +6,11 @@
+ In order to install the opendkim as a milter to an MTA you will need to
+ perform the following steps:
+
+-* Compile the opendkim program itself.
++* Install the RPMs for libopendkim and opendkim.
+
+-* Configure the opendkim for signing and/or verification.
++* Configure opendkim for signing and/or verification.
+
+-* Install the opendkim and configure your MTA to use it.
++* Configure your MTA to use opendkim.
+
+ Note that there is a difference between "OpenDKIM" and "opendkim".
+ "OpenDKIM" is a package containing a library, a filter and some tools to
+@@ -23,167 +23,100 @@
+
+ The opendkim filter program incorporates the libopendkim library and works
+ with recent versions of sendmail and Postfix or any other MTA that supports
+-"milter". For more information about milter, see <http://www.milter.org>.
++"milter". For more information about milter, see <http://www.milter.org/>.
+
+ Sendmail is available at <http://www.sendmail.org> and Postfix is available
+-at <http://www.postfix.org>.
++at <http://www.postfix.org/>.
+
+
+-OPTIONAL PACKAGES
+-=================
++REQUIREMENTS
++============
+
+-OpenDKIM supports a few optional packages that can be included in the build
+-to provide additional services. A few of these become mandatory when
+-enabling certain features below. Specifying only the "--with-xxx" parameter
+-to the "configure" command (described below) enables the package and makes a
+-guess at where it might be installed on your system. If the configure script
+-doesn't find it, you will need to specify the location with
+-"--with-xxx=location".
++The opendkim filter requires either sendmail v8.13.0 or Postfix v2.3 or later
++for required milter protocol enhancements. For more information on milters:
+
+---with-db BerkeleyDB include file and library. If enabled without
+- a specific path, the /usr/local/BerkeleyDB, /usr/local and
+- /usr directories will be searched for both the required
+- includes and the required libraries. Required for the
+- following features: query_cache, stats
++Postfix users, see: http://www.postfix.org/MILTER_README.html
+
+---with-db-incdir
+---with-db-libdir
+---with-db-lib
+- These provide a finer control over the location of BerkeleyDB
+- include, library path and libary name where the default
+- locations of --with-db are not enough.
++Sendmail users, see: http://www.sendmail.com/sm/partners/milter_partners/
+
+---with-domainkeys
+- Sendmail's "libdk" include file and library for verifying
+- messages signed with the older DomainKeys specification.
+
+---with-libgcrypt
+- Location of GNU's libgcrypt includes and library.
+- If not specified, "--with-openssl" is assumed.
++CONFIGURING OPENDKIM
++====================
+
+---with-lua Lua interpreter library. Enables fine-grained policy control
+- via Lua script hooks, and also enables building of the
+- "miltertest" test tool.
++For a step-by-step How-To on installing and configuring OpenDKIM with Postfix
++or Sendmail on RedHat systems, see:
+
+---with-milter Sendmail's "milter" include file and library. Required
+- unless compilation fo the filter is disabled (see below).
+- Enabled by default.
++http://packages.stevejenkins.com/opendkim/
+
+---with-odbx Location of the OpenDBX installation on your system.
+- Optional; enables use of a number of SQL and ODBC databases
+- for configuration information. Version 1.3.7 or later is
+- required.
++For general installation and configuration instructions for all supported
++operating systems, refer to the official documentation at:
+
+---with-openldap Location of the OpenLDAP installation on your system.
++http://opendkim.org/docs.html
+
+---with-openssl Location of the OpenSSL installation on your system.
+- Either this or libgcrypt required, and this one is assumed
+- if libgcrypt is not enabled. If no specific location is
+- provided, several common install locations will be searched for
+- the required includes and libraries.
++After installing opendkim, you must do the following:
+
+---with-sasl Location of the Cyrus SASL include file definitions. This is
+- used for authenticating against LDAP servers.
++* Configure your MTA (Postfix, Sendmail, etc.) to use OpenDKIM.
+
+---with-tre Location of the TRE installation on your system. This
+- is required if you are using the "diffheaders" feature.
+- If no specific location is provided, the /usr/local and
+- /usr directories will be searched for the required includes
+- and libraries.
++Postfix users will need to add/edit the smtpd_milters, non_smtpd_milters, and
++milter_default_action parameters in their main.cf file. Generally, adding the
++following lines to main.cf will be enough to get opendkim working with Postfix:
+
+---with-unbound Location of the Unbound DNSSEC capable asynchronous resolver
+- library and include file.
+-
++smtpd_milters = inet:127.0.0.1:8891
++non_smtpd_milters = inet:127.0.0.1:8891
++milter_default_action = accept
+
++If you are using a version of Postfix prior to 2.6, you may also need to set
++the milter_protocol parameter in main.cf to "2" with:
+
+-FEATURES
+-========
++milter_protocol = 2
+
+-There are several compile-time features you may select. Some of these
+-are present but unsupported while others are fully-supported. Read the
+-FEATURES file for a description of the unsupported features.
++Sendmail users will need to add the following line to the .mc configuration
++file that was used to build your current sendmail.cf file:
+
+-The supported features are as follows. The can be turned on at compile
+-time by adding "--enable-xxx" to the "configure" command line (described
+-below), where "xxx" is the name of the feature.
++INPUT_MAIL_FILTER(`opendkim', `S=inet:8891@localhost')
+
+-arlib Use the provided asynchronous resolver library.
++Then you will need to build and install a new sendmail.cf from the .mc file.
++Remember to make backups of your sendmail.cf and .mc files before attempting
++any changes.
+
+-debug Produce debug-enabled libraries and executables.
++* Configure opendkim for signing and/or verification.
+
+-filter Compile the opendkim filter. Requires libmilter (see
+- "--with-milter" above). This is on by default; if you
+- don't want the filter, specify "--disable-filter".
++By default, opendkim is configured for DKIM signature verification of incoming
++mail only. Before you can sign outgoing mail with a DKIM signature, you must:
+
+-maxverify Allow limitation of the number of signatures verified per
+- message.
++- generate a set of private and public keys
++- configure opendkim for signing
++- publish your public key via DNS
+
+-oversign Enable optional header field over-signing.
++A default set of keys based on your system's fully qualified domain name
++(FQDN) and using the selector "default" will be generated in
++/etc/opendkim/keys the first time you run:
+
+-popauth Enable POP-before-SMTP support.
++service opendkim start
+
+-query_cache Cache DNS replies in a local database. Requires the
+- BerkeleyDB database. (See "--with-db" above.)
++You can also generate your own keys using the opendkim-genkey command.
+
+-stats Produce a filter and tools used for statistics collection,
+- analysis and submission.
++After generating your keys, you must edit opendkim.conf and verify that your
++domain name is correct, change the Mode to "s" for signing or "sv" for signing
++and verifying, and configure the KeyFile and Selector parameters. Additional
++options are available for signing for multiple users and/or multiple domains.
++For more information, consult the online documentation or do:
+
+-xtags Support for signature extension tags.
++man opendkim.conf
+
++You must also publish your public key(s) via DNS before remote mail servers
++can verify your outdoing DKIM signature. Consult your DNS provider's
++documentation on how to do this.
+
+-COMPILING
++MORE INFO
+ =========
+
+-The opendkim filter requires either sendmail v8.13.0 or Postfix v2.3 or later
+-for required milter protocol enhancements.
+-
+-To build this package you must first have installed or at least have available
+-the OpenSSL package and libmilter. The former is available from
+-<http://www.openssl.org> or in package form from your vendor. At a minimum
+-version 0.9.8 is required to meet DKIM requirements. The application library
+-libmilter is part of the sendmail Open Source distribution and can be built
+-and installed from there (ftp://ftp.sendmail.org).
+-
+-As Postfix currently does not provide milter library, you need to have
+-sendmail sources or development package installed. See
+-http://www.postfix.org/MILTER_README.html
+-
+-You can view the configuration options with the following command:
+-
+- ./configure --help
+-
+-The commands shown below assume a UNIX system with standard build tools
+-installed.
+-
+-Steps to compiling the library and the milter:
++For a step-by-step How-To on installing and configuring OpenDKIM with Postfix
++or Sendmail on RedHat systems, see:
+
+-(1) Download the source from OpenDKIM (http://www.opendkim.org).
+-
+-(2) Unpack the tarball:
+- tar -xzvf opendkim-<version>.tar.gz
+-
+- Note: Use <version> as the version number that you downloaded.
+-
+-(3) Change directories to the release directory (opendkim-<version>) that
+- was created in step 2.
+- cd opendkim-<version>
+-
+-(4) Run the "configure" script to configure the package for your operating
+- system.
+- ./configure
+-
+-(5) Compile the package.
+- make
+-
+-(6) Install the output of the build. You probably need to become the
+- superuser to run this step.
+- make install
+-
+-
+-CONFIGURING OPENDKIM
+-====================
++http://packages.stevejenkins.com/opendkim/
+
+-The README document (in the opendkim directory) covers the installation and
+-configuration of opendkim.
++For more information about the OpenDKIM Project, including official
++documentation and support, visit:
+
+-$Id: INSTALL,v 1.22 2010/09/13 01:39:48 cm-msk Exp $
++http://opendkim.org/
Oops, something went wrong.

0 comments on commit 7d4622f

Please sign in to comment.