qpsmtpd/config.sample/dkim/dkim_key_gen.sh

#!/bin/sh

usage() {
    echo "   usage: $0 <example.com> [qpsmtpd username]"
    echo " "
    exit
}

if [ -z $1 ];
then
    usage
fi

DOMAIN=$1
SMTPD=$2
if [ -z $SMTPD ];
then
    SMTPD="smtpd"
fi

# create a directory for each DKIM signing domain
mkdir -p $DOMAIN
cd $DOMAIN

# create a selector in the format mmmYYYY (apr2013)
date '+%h%Y' | tr "[:upper:]" "[:lower:]" > selector

# generate a private and public keys
openssl genrsa -out private 2048
chmod 400 private
openssl rsa -in private -out public -pubout

# make it really easy to publish the public key in DNS
cat > dns <<EO_DKIM_DNS

`cat selector | tr -d "\n"`._domainkey TXT "v=DKIM1;p=`grep -v -e '^-' public | tr -d "\n"`"

Tell the world that the ONLY mail servers that send mail from this domain are DKIM signed and/or bear our MX and A records.

With SPF:

        SPF "v=spf1 mx a -all"
        TXT "v=spf1 mx a -all"

With DMARC:

_dmarc  TXT "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc-feedback@$DOMAIN; ruf=mailto:dmarc-feedback@$DOMAIN; pct=100"

With DomainKeys (deprecated)

_domainkey TXT "o=-; t=y; r=postmaster@$DOMAIN"

For more information about DKIM and SPF policy, the documentation within each plugin contains a longer discussion and links to more detailed information:

   perldoc plugins/dkim
   perldoc plugins/sender_permitted_from


EO_DKIM_DNS

cd ..
chown -R $SMTPD:$SMTPD $DOMAIN
dkim: improve POD, add dkim_key_gen.sh 2013-04-15 03:42:21 +02:00			`#!/bin/sh`

			`usage() {`
			`echo " usage: $0 <example.com> [qpsmtpd username]"`
			`echo " "`
			`exit`
			`}`

			`if [ -z $1 ];`
			`then`
			`usage`
			`fi`

			`DOMAIN=$1`
			`SMTPD=$2`
			`if [ -z $SMTPD ];`
			`then`
			`SMTPD="smtpd"`
			`fi`

			`# create a directory for each DKIM signing domain`
			`mkdir -p $DOMAIN`
			`cd $DOMAIN`

			`# create a selector in the format mmmYYYY (apr2013)`
			`date '+%h%Y' \| tr "[:upper:]" "[:lower:]" > selector`

			`# generate a private and public keys`
			`openssl genrsa -out private 2048`
			`chmod 400 private`
			`openssl rsa -in private -out public -pubout`

			`# make it really easy to publish the public key in DNS`
			`cat > dns <<EO_DKIM_DNS`

			`cat selector \| tr -d "\n"`._domainkey TXT "v=DKIM1;p=`grep -v -e '^-' public \| tr -d "\n"`"

a collection of DKIM enhancements * disable Mail::DKIM::TextWrap (causes mangled messages for some clients) * pod improvements * don't log the entire DKIM signature when signing * add dkim_pass_domains connection note with DKIM signer domains that pass * enable dkim tests 2013-04-20 22:08:19 +02:00			`Tell the world that the ONLY mail servers that send mail from this domain are DKIM signed and/or bear our MX and A records.`
dkim: improve POD, add dkim_key_gen.sh 2013-04-15 03:42:21 +02:00
			`With SPF:`

			`SPF "v=spf1 mx a -all"`
			`TXT "v=spf1 mx a -all"`

			`With DMARC:`

Fix a stray quote in the generated 'dns' file. 2015-01-06 14:57:52 +01:00			`_dmarc TXT "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc-feedback@$DOMAIN; ruf=mailto:dmarc-feedback@$DOMAIN; pct=100"`
a collection of DKIM enhancements * disable Mail::DKIM::TextWrap (causes mangled messages for some clients) * pod improvements * don't log the entire DKIM signature when signing * add dkim_pass_domains connection note with DKIM signer domains that pass * enable dkim tests 2013-04-20 22:08:19 +02:00
			`With DomainKeys (deprecated)`

			`_domainkey TXT "o=-; t=y; r=postmaster@$DOMAIN"`
dkim: improve POD, add dkim_key_gen.sh 2013-04-15 03:42:21 +02:00
			`For more information about DKIM and SPF policy, the documentation within each plugin contains a longer discussion and links to more detailed information:`

			`perldoc plugins/dkim`
			`perldoc plugins/sender_permitted_from`


			`EO_DKIM_DNS`

			`cd ..`
			`chown -R $SMTPD:$SMTPD $DOMAIN`