udelarinterior.dkim

ansible-dkim

Ansible role to set up Postfix with OpenDKIM, a DKIM mail signing tool for Linux. This works on Debian and its derivatives, like Ubuntu.

Description

This role sets up a DKIM mail signing service on systems that act as Mail Transport Agents (MTAs).

The role:

  • installs and configures OpenDKIM,
  • generates private and public DKIM keys for the domains specified in the dkim_domains variable,
  • installs Postfix and configures it to send messages from the specified domains to OpenDKIM for signing,
  • provides the DNS records for the public keys that need to be added to the domain's public DNS.

Requirements

You need to manage all other email services separately and have access to the DNS settings of the domains you want to sign. After running the role, you will receive the DNS records with the public keys that you should publish in the public DNS.
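Before publishing the records, it helps to check them against two common failure modes: a `p=` value left in a single TXT string longer than 255 bytes (a 2048-bit key does not fit in one string) and a key shorter than intended. The following checker is an added example, not part of the role; it assumes the record is in zone-file form as written by opendkim-genkey, and `sample_record` builds a constructed record with a placeholder modulus using the role's default selector `email`.

```python
import base64
import re

def _tlv(buf, pos):  # read one DER element -> (tag, value_start, value_end)
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def rsa_modulus_bits(spki):
    """Bit length of the RSA modulus in a DER SubjectPublicKeyInfo."""
    _, body, _ = _tlv(spki, 0)           # outer SEQUENCE
    _, _, alg_end = _tlv(spki, body)     # AlgorithmIdentifier
    tag, bits, _ = _tlv(spki, alg_end)   # BIT STRING wrapping RSAPublicKey
    if tag != 0x03:
        raise ValueError("not a SubjectPublicKeyInfo")
    _, seq, _ = _tlv(spki, bits + 1)     # skip the unused-bits octet
    _, n0, n1 = _tlv(spki, seq)          # INTEGER modulus
    return int.from_bytes(spki[n0:n1], "big").bit_length()

def check_record(zone_text, min_bits=2048):
    """Return the problems found in a zone-file style DKIM TXT record."""
    strings = re.findall(r'"([^"]*)"', zone_text)
    problems = [f"TXT string of {len(s)} bytes exceeds 255" for s in strings if len(s) > 255]
    pairs = (p.split("=", 1) for p in "".join(strings).split(";") if "=" in p)
    tags = {k.strip(): "".join(v.split()) for k, v in pairs}
    if tags.get("v") != "DKIM1":
        problems.append("missing v=DKIM1")
    if not tags.get("p"):
        return problems + ["empty p= tag (key absent or revoked)"]
    try:
        bits = rsa_modulus_bits(base64.b64decode(tags["p"], validate=True))
        if bits < min_bits:
            problems.append(f"{bits}-bit key is below {min_bits}")
    except (ValueError, IndexError):
        problems.append("p= is not a valid base64 DER public key")
    return problems

def _der(tag, body):
    size = len(body).to_bytes(max(1, (len(body).bit_length() + 7) // 8), "big")
    return bytes([tag]) + (size if len(body) < 0x80 else bytes([0x80 | len(size)]) + size) + body

def sample_record(bits, chunk=250):
    n = ((1 << (bits - 1)) | 1).to_bytes(bits // 8, "big")  # constructed modulus, not a real key
    rsa = _der(0x30, _der(0x02, b"\x00" + n) + _der(0x02, b"\x01\x00\x01"))
    alg = _der(0x30, bytes.fromhex("06092a864886f70d0101010500"))
    text = "p=" + base64.b64encode(_der(0x30, alg + _der(0x03, b"\x00" + rsa))).decode()
    parts = " ".join(f'"{text[i:i + chunk]}"' for i in range(0, len(text), chunk))
    return f'email._domainkey IN TXT ( "v=DKIM1; h=sha256; k=rsa; " {parts} )'
```

`check_record(sample_record(2048))` returns an empty list; passing `chunk=1000` or a 1024-bit sample shows the two failure cases.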

Role Variables

For default values and comments, check the role's file at default/main.yml.

OpenDKIM Package Parameters

| Variable | Default Value | Description |
|---|---|---|
| dkim_default_config_file | /etc/default/opendkim | Default configuration file for OpenDKIM |
| dkim_opendkim_config_dir | /etc/opendkim | Directory for OpenDKIM configuration |
| dkim_user | opendkim | Linux user that runs OpenDKIM |
| dkim_group | opendkim | Linux group that runs OpenDKIM |

OpenDKIM Configuration Parameters

| Variable | Default Value | Description |
|---|---|---|
| dkim_selector | email | Selector for the DKIM public key DNS record |
| dkim_admin_email | none | Email address for managing OpenDKIM |
| dkim_trustedhosts | ['127.0.0.1','localhost'] | List of trusted hosts for OpenDKIM |
| dkim_domains | none | List of domains that OpenDKIM will sign mail for |
| dkim_same_key | true | Use the same key for all domains or different keys for each |
| dkim_rsa_keylen | 2048 | RSA key length for generating keys |

Postfix Configuration Variables

| Variable | Default Value | Description |
|---|---|---|
| dkim_postfix_config_file | /etc/postfix/main.cf | Main configuration file for Postfix |
| dkim_postfix_config | see vars/main.yml | Parameters to define in Postfix configuration. Default settings ensure OpenDKIM is configured to sign emails. |

Example Playbook

---
- hosts: myserver
  roles:
    - role: udelarinterior.dkim
      # If the admin_email variable is present, it is used as the default for dkim_admin_email.
      dkim_admin_email: admin@example.com  # placeholder address
      dkim_selector: mail
      dkim_domains:
        - domain1.tld
        - domain2.tld
      # Generate a separate key pair for each domain.
      dkim_same_key: false
License

Licensed under the MIT license. See LICENSE for more information.

About the project

Configure OpenDKIM with Postfix

Install: ansible-galaxy install udelarinterior.dkim
License: MIT
Downloads: 68
Owner: Red Unidades Informáticas de la UdelaR en el Interior