opendkim.conf

1. # This is a basic configuration that can easily be adapted to suit a standard
2. # installation. For more advanced options, see opendkim.conf(5) and/or
3. # /usr/share/doc/opendkim/examples/opendkim.conf.sample.
4.  
5. # Log to syslog
6. Syslog yes
7. # Required to use local socket with MTAs that access the socket as a non-
8. # privileged user (e.g. Postfix)
9. UMask 002
10.  
11. # Sign for example.com with key in /etc/mail/dkim.key using
12. # selector '2007' (e.g. 2007._domainkey.example.com)
13. #Domain example.com
14. #KeyFile /etc/mail/dkim.key
15. #Selector 2007
16.  
17. # Commonly-used options; the commented-out versions show the defaults.
18. #Canonicalization simple
19. #Mode sv
20. #SubDomains no
21. #ADSPDiscard no
22.  
23. # Always oversign From (sign using actual From and a null From to prevent
24. # malicious signatures header fields (From and/or others) between the signer
25. # and the verifier. From is oversigned by default in the Debian pacakge
26. # because it is often the identity key used by reputation systems and thus
27. # somewhat security sensitive.
28. OversignHeaders From
29.  
30. # List domains to use for RFC 6541 DKIM Authorized Third-Party Signatures
31. # (ATPS) (experimental)
32.  
33. #ATPSDomains example.com
34. AutoRestart Yes
35. AutoRestartRate 10/1h
36. UMask 002
37. Syslog yes
38. SyslogSuccess Yes
39. LogWhy Yes
40. Canonicalization relaxed/simple
41. ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
42. InternalHosts refile:/etc/opendkim/TrustedHosts
43. KeyTable refile:/etc/opendkim/KeyTable
44. SigningTable refile:/etc/opendkim/SigningTable
45. Mode sv
46. PidFile /var/run/opendkim/opendkim.pid
47. SignatureAlgorithm rsa-sha256
48. UserID opendkim:opendkim
49. Socket inet:12301@udc-debian7