update

2024-11-21 15:10:25 +00:00 · 2024-09-30 15:09:56 +03:00 · 2024-09-30 15:09:56 +03:00 · ce62ec5ab1
commit ce62ec5ab1
parent 5799c99f10
2 changed files with 22 additions and 30 deletions
--- a/web/Modules/Email/App/Console/SetupEmailServer.php
+++ b/web/Modules/Email/App/Console/SetupEmailServer.php
@ -80,7 +80,11 @@ class SetupEmailServer extends Command
        $postfixMasterCf = PhyreBlade::render('email::server.postfix.master.cf');
        file_put_contents('/etc/postfix/master.cf', $postfixMasterCf);

-        $openDkimConf = PhyreBlade::render('email::server.opendkim.opendkim.conf', $mysqlDbDetails);
+        $openDkimConf = PhyreBlade::render('email::server.opendkim.opendkim.conf', [
+            'hostName' => setting('email.hostname'),
+            'domain' => setting('email.domain'),
+            'mysqlConnectionUrl'=>  $mysqlDbDetails["username"].':'.$mysqlDbDetails['password'].'@'.$mysqlDbDetails['host'].'/'.$mysqlDbDetails['database'],
+        ]);
        file_put_contents('/etc/opendkim.conf', $openDkimConf);

        shell_exec('systemctl restart dovecot');
@ -89,17 +93,4 @@ class SetupEmailServer extends Command

    }

-    public function checkDNSValidation()
-    {
-
-        // exec: dig @1.1.1.1 +short MX allsidepixels.com
-        // output: 10 mail.allsidepixels.com
-
-        // exec: dig @1.1.1.1 +short A mail.allsidepixels.com
-        // output: 49.13.13.211
-
-        // exec: dig @1.1.1.1 +short -x 49.13.13.211
-        // output: mail.allsidepixels.com
-
-    }
 }
--- a/web/Modules/Email/resources/views/server/opendkim/opendkim.conf
+++ b/web/Modules/Email/resources/views/server/opendkim/opendkim.conf
@ -3,26 +3,16 @@
 # /usr/share/doc/opendkim/examples/opendkim.conf.sample for complete
 # documentation of available configuration parameters.

-Syslog			yes
-SyslogSuccess		yes
-#LogWhy			no
+LogWhy                  yes
+Syslog                  yes
+SyslogSuccess           yes

 # Common signing and verification parameters. In Debian, the "From" header is
 # oversigned, because it is often the identity key used by reputation systems
 # and thus somewhat security sensitive.
 Canonicalization	relaxed/simple
-#Mode			sv
-#SubDomains		no
 OversignHeaders		From

-# Signing domain, selector, and key (required). For example, perform signing
-# for domain "example.com" with selector "2020" (2020._domainkey.example.com),
-# using the private key stored in /etc/dkimkeys/example.private. More granular
-# setup options can be found in /usr/share/doc/opendkim/README.opendkim.
-#Domain			example.com
-#Selector		2020
-#KeyFile		/etc/dkimkeys/example.private
-
 # In Debian, opendkim runs as user "opendkim". A umask of 007 is required when
 # using a local socket with MTAs that access the socket as a non-privileged
 # user (for example, Postfix). You may need to add user "postfix" to group
@ -51,7 +41,18 @@ TrustAnchorFile		/usr/share/dns/root.key
 #Nameservers		127.0.0.1

 # Common verification parameters. This section is used by both the signing and
-SigningTable dsn:mysql://{{ $username.':'.$password.'@'.$host.'/'.$database }}/table=domain_dkim_signings?keycol=author?datacol=dkim_id
-KeyTable     dsn:mysql://{{ $username.':'.$password.'@'.$host.'/'.$database }}/table=domain_dkim?keycol=id?datacol=domain_name,selector,private_key
-
+SigningTable dsn:mysql://{{$mysqlConnectionUrl}}/table=domain_dkim_signings?keycol=author?datacol=dkim_id
+KeyTable     dsn:mysql://{{$mysqlConnectionUrl}}/table=domain_dkim?keycol=id?datacol=domain_name,selector,private_key

+# This is a set of internal hosts whose mail should be signed by this filter.
+Domain    {{$domain}}
+KeyFile    /etc/opendkim/keys/{{$domain}}/mail.private
+Selector   dkim
+SOCKET    inet:8891@127.0.0.1
+Mode                    sv
+SubDomains              no
+AutoRestart         yes
+AutoRestartRate     10/1M
+Background          yes
+DNSTimeout          5
+SignatureAlgorithm  rsa-sha256