update

PhyreApps · Sep 30, 2024 · ce62ec5 · ce62ec5
1 parent 5799c99
commit ce62ec5
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 31 deletions.
diff --git a/web/Modules/Email/App/Console/SetupEmailServer.php b/web/Modules/Email/App/Console/SetupEmailServer.php
@@ -80,7 +80,11 @@ public function handle()
         $postfixMasterCf = PhyreBlade::render('email::server.postfix.master.cf');
         file_put_contents('/etc/postfix/master.cf', $postfixMasterCf);
 
-        $openDkimConf = PhyreBlade::render('email::server.opendkim.opendkim.conf', $mysqlDbDetails);
+        $openDkimConf = PhyreBlade::render('email::server.opendkim.opendkim.conf', [
+            'hostName' => setting('email.hostname'),
+            'domain' => setting('email.domain'),
+            'mysqlConnectionUrl'=>  $mysqlDbDetails["username"].':'.$mysqlDbDetails['password'].'@'.$mysqlDbDetails['host'].'/'.$mysqlDbDetails['database'],
+        ]);
         file_put_contents('/etc/opendkim.conf', $openDkimConf);
 
         shell_exec('systemctl restart dovecot');
@@ -89,17 +93,4 @@ public function handle()
 
     }
 
-    public function checkDNSValidation()
-    {
-
-        // exec: dig @1.1.1.1 +short MX allsidepixels.com
-        // output: 10 mail.allsidepixels.com
-
-        // exec: dig @1.1.1.1 +short A mail.allsidepixels.com
-        // output: 49.13.13.211
-
-        // exec: dig @1.1.1.1 +short -x 49.13.13.211
-        // output: mail.allsidepixels.com
-
-    }
 }
diff --git a/web/Modules/Email/resources/views/server/opendkim/opendkim.conf b/web/Modules/Email/resources/views/server/opendkim/opendkim.conf
@@ -3,26 +3,16 @@
 # /usr/share/doc/opendkim/examples/opendkim.conf.sample for complete
 # documentation of available configuration parameters.
 
-Syslog			yes
-SyslogSuccess		yes
-#LogWhy			no
+LogWhy                  yes
+Syslog                  yes
+SyslogSuccess           yes
 
 # Common signing and verification parameters. In Debian, the "From" header is
 # oversigned, because it is often the identity key used by reputation systems
 # and thus somewhat security sensitive.
 Canonicalization	relaxed/simple
-#Mode			sv
-#SubDomains		no
 OversignHeaders		From
 
-# Signing domain, selector, and key (required). For example, perform signing
-# for domain "example.com" with selector "2020" (2020._domainkey.example.com),
-# using the private key stored in /etc/dkimkeys/example.private. More granular
-# setup options can be found in /usr/share/doc/opendkim/README.opendkim.
-#Domain			example.com
-#Selector		2020
-#KeyFile		/etc/dkimkeys/example.private
-
 # In Debian, opendkim runs as user "opendkim". A umask of 007 is required when
 # using a local socket with MTAs that access the socket as a non-privileged
 # user (for example, Postfix). You may need to add user "postfix" to group
@@ -51,7 +41,18 @@ TrustAnchorFile		/usr/share/dns/root.key
 #Nameservers		127.0.0.1
 
 # Common verification parameters. This section is used by both the signing and
-SigningTable dsn:mysql://{{ $username.':'.$password.'@'.$host.'/'.$database }}/table=domain_dkim_signings?keycol=author?datacol=dkim_id
-KeyTable     dsn:mysql://{{ $username.':'.$password.'@'.$host.'/'.$database }}/table=domain_dkim?keycol=id?datacol=domain_name,selector,private_key
-
-
+SigningTable dsn:mysql://{{$mysqlConnectionUrl}}/table=domain_dkim_signings?keycol=author?datacol=dkim_id
+KeyTable     dsn:mysql://{{$mysqlConnectionUrl}}/table=domain_dkim?keycol=id?datacol=domain_name,selector,private_key
+
+# This is a set of internal hosts whose mail should be signed by this filter.
+Domain    {{$domain}}
+KeyFile    /etc/opendkim/keys/{{$domain}}/mail.private
+Selector   dkim
+SOCKET    inet:[email protected]
+Mode                    sv
+SubDomains              no
+AutoRestart         yes
+AutoRestartRate     10/1M
+Background          yes
+DNSTimeout          5
+SignatureAlgorithm  rsa-sha256