Attempt at ARC/DKIM signing for mailman

2023-09-30 21:55:19 +01:00 · 2023-09-30 21:55:19 +01:00 · 496fd6d5ea
parent 014d4456f8
commit 496fd6d5ea
6 changed files with 29 additions and 1 deletions
--- a/abra.sh
+++ b/abra.sh
@ -1,3 +1,5 @@
 export CERTDUMPER_POST_VERSION=v1
 export POSTFIX_OVERRIDE_VERSION=v15
 export SENDER_LOGIN_VERSIONS=v2
+export ARC_OVERRIDE_VERSION=v8
+export DKIM_IP_MAP_OVERRIDE_VERSION=v2
--- a/compose.mailman.yml
+++ b/compose.mailman.yml
@ -16,6 +16,14 @@ services:
    configs:
      - source: postfix_override
        target: /overrides/postfix.cf
+  antispam:
+    configs:
+      - source: arc_conf_override
+        target: /overrides/arc.conf
+      - source: dkim_ip_map_override
+        target: /overrides/dkim_ip.map
+    volumes:
+      - "rspam_overrides:/etc/rspamd/override.d"

 networks:
  shared_mailman_network:
@ -27,9 +35,17 @@ volumes:
  shared-mailman-core:
    external: true
    name: ${MAILMAN_CORE_VOLUME}
+  rspam_overrides:

 configs:
  postfix_override:
    name: ${STACK_NAME}_postfix_overrides_${POSTFIX_OVERRIDE_VERSION}
-    file: postfix.cf.tmpl
+    file: mailman-postfix.cf.tmpl
+    template_driver: golang
+  arc_conf_override:
+    name: ${STACK_NAME}_arc_conf_override_${ARC_OVERRIDE_VERSION}
+    file: mailman-arc.conf
+  dkim_ip_map_override:
+    name: ${STACK_NAME}_dkim_ip_map_${DKIM_IP_MAP_OVERRIDE_VERSION}
+    file: mailman-dkim_ip.map.tmpl
    template_driver: golang
--- a/logging.inc
+++ b/logging.inc
@ -0,0 +1,2 @@
+type=console
+debug_modules=dkim
--- a/mailman-arc.conf
+++ b/mailman-arc.conf
@ -0,0 +1,7 @@
+sign_networks = "/overrides/dkim_ip.map";
+path = "/dkim/$domain.$selector.key";
+use_domain = "header";
+#use_vault = false;
+#try_fallback = true;
+#selector_map = "/overrides/dkim_selectors.map";
+#selector = "dkim";
--- a/mailman-dkim_ip.map.tmpl
+++ b/mailman-dkim_ip.map.tmpl
@ -0,0 +1 @@
+{{ env "RELAYNETS" }}
--- a/mailman-postfix.cf.tmpl
+++ b/mailman-postfix.cf.tmpl