commit 517ff96b15a4664333e55cf18d66ef694d33040b Author: Sebastian Hugentobler Date: Thu Nov 18 13:53:06 2021 +0100 initial commit diff --git a/.gitignore b/.gitignore new file mode 100755 index 0000000..93bfd12 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +*~ +.DS_Store diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..91b9455 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,6 @@ +FROM thallian/confd-env:latest + +RUN apk --no-cache add \ + rspamd + +ADD rootfs / diff --git a/README.md b/README.md new file mode 100644 index 0000000..f4b416c --- /dev/null +++ b/README.md @@ -0,0 +1,23 @@ +(Rspamd)[https://rspamd.com/] server with dkim signing. + +# DKIM +Create new keys with `rspamadm dkim_keygen`. + +Create a file `/etc/rspamd/dkim_selectors.map` and add domains and selectors like this: + +``` +example.com 20211102 +example.org 20211101 +``` + +With this, rspamd looks for the private keys in `/var/lib/rspamd/dkim/example.com.20211102.key` and +`/var/lib/rspamd/dkim/example.org.20211101.key` (it is your responsibility to create/mount these files). + +# Environment Variables +## REDIS_SERVERS +- default: 127.0.0.1 + +Address of redis server to connect to (or multiples thereof). + +See the [rspamd documentation](https://rspamd.com/doc/configuration/redis.html) for +more information. diff --git a/rootfs/etc/confd/conf.d/redis.conf.toml b/rootfs/etc/confd/conf.d/redis.conf.toml new file mode 100644 index 0000000..f0cb85d --- /dev/null +++ b/rootfs/etc/confd/conf.d/redis.conf.toml @@ -0,0 +1,3 @@ +[template] +src = "redis.conf.tmpl" +dest = "/etc/rspamd/local.d/redis.conf" diff --git a/rootfs/etc/confd/templates/redis.conf.tmpl b/rootfs/etc/confd/templates/redis.conf.tmpl new file mode 100644 index 0000000..2521e00 --- /dev/null +++ b/rootfs/etc/confd/templates/redis.conf.tmpl @@ -0,0 +1,3 @@ +# See https://rspamd.com/doc/configuration/redis.html + +servers = "{{ getenv "REDIS_SERVERS" "127.0.0.1" }}"; diff --git a/rootfs/etc/rspamd/local.d/dkim_signing.conf b/rootfs/etc/rspamd/local.d/dkim_signing.conf new file mode 100644 index 0000000..69408b3 --- /dev/null +++ b/rootfs/etc/rspamd/local.d/dkim_signing.conf @@ -0,0 +1,6 @@ +# To configure this module, please also check the following document: +# https://rspamd.com/doc/tutorials/scanning_outbound.html and +# https://rspamd.com/doc/modules/dkim_signing.html + +path = "/var/lib/rspamd/dkim/$domain.$selector.key"; +selector_map = "/etc/rspamd/dkim_selectors.map"; diff --git a/rootfs/etc/rspamd/local.d/logging.inc b/rootfs/etc/rspamd/local.d/logging.inc new file mode 100644 index 0000000..22406a0 --- /dev/null +++ b/rootfs/etc/rspamd/local.d/logging.inc @@ -0,0 +1 @@ +type = "console" diff --git a/rootfs/etc/rspamd/local.d/milter_headers.conf b/rootfs/etc/rspamd/local.d/milter_headers.conf new file mode 100644 index 0000000..97a5d3c --- /dev/null +++ b/rootfs/etc/rspamd/local.d/milter_headers.conf @@ -0,0 +1,3 @@ +# Module documentation can be found at https://rspamd.com/doc/modules/milter_headers.html + +extended_spam_headers = true;