improve OpenDKIM and OpenDMARC milters integration (#361)

Dockerfile

@@ -83,6 +83,7 @@ COPY target/opendkim/default-opendkim /etc/default/opendkim
 # Configure DMARC (opendmarc)
 COPY target/opendmarc/opendmarc.conf /etc/opendmarc.conf
 COPY target/opendmarc/default-opendmarc /etc/default/opendmarc
+COPY target/opendmarc/ignore.hosts /etc/opendmarc/ignore.hosts
 
 # Configure fetchmail
 COPY target/fetchmail/fetchmailrc /etc/fetchmailrc_general

target/opendkim/default-opendkim

@@ -9,4 +9,4 @@
 #SOCKET="inet:12345@localhost" # listen on loopback on port 12345
 #SOCKET="inet:12345@192.0.2.1" # listen on 192.0.2.1 on port 12345
 
-SOCKET="inet:12301@localhost"
+SOCKET="inet:8891@localhost"

target/opendkim/opendkim.conf

@@ -19,4 +19,4 @@ SignatureAlgorithm      rsa-sha256
 
 UserID                  opendkim:opendkim
 
-Socket                  inet:12301@localhost
+Socket                  inet:8891@localhost

target/opendmarc/default-opendmarc

@@ -8,4 +8,5 @@
 #SOCKET="inet:54321" # listen on all interfaces on port 54321
 #SOCKET="inet:12345@localhost" # listen on loopback on port 12345
 #SOCKET="inet:12345@192.0.2.1" # listen on 192.0.2.1 on port 12345
-SOCKET="inet:54321@localhost"
+
+SOCKET="inet:8893@localhost"

target/opendmarc/ignore.hosts

@@ -0,0 +1 @@
+localhost

target/opendmarc/opendmarc.conf

@@ -1,8 +1,12 @@
-
-PidFile /var/run/opendmarc.pid
-RejectFailures false
-Syslog true
-UMask 0002
 UserID   opendmarc:opendmarc
+UMask    0002
+PidFile  /var/run/opendmarc.pid
+Syslog   true
+
+RejectFailures  false
+
 IgnoreHosts  /etc/opendmarc/ignore.hosts
 HistoryFile  /var/run/opendmarc/opendmarc.dat
+
+AuthservID          HOSTNAME
+TrustedAuthservIDs  HOSTNAME

target/postfix/main.cf

@@ -67,7 +67,9 @@ virtual_alias_maps = hash:/etc/postfix/virtual
 content_filter = smtp-amavis:[127.0.0.1]:10024
 
 # Milters used by DKIM
-milter_protocol = 2
+milter_protocol = 6
 milter_default_action = accept
-smtpd_milters = inet:localhost:12301,inet:localhost:54321
-non_smtpd_milters = inet:localhost:12301,inet:localhost:54321
+dkim_milter = inet:localhost:8891
+dmarc_milter = inet:localhost:8893
+smtpd_milters = $dkim_milter,$dmarc_milter
+non_smtpd_milters = $dkim_milter

target/postfix/master.cf

@@ -93,5 +93,5 @@ smtp-amavis     unix    -       -       -       -       2       smtp
   -o smtpd_hard_error_limit=1000
   -o smtpd_client_connection_count_limit=0
   -o smtpd_client_connection_rate_limit=0
-  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
+  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
   -o smtp_tls_security_level=none

target/start-mailserver.sh

@@ -109,19 +109,6 @@ else
   echo "No DKIM key provided. Check the documentation to find how to get your keys."
 fi
 
-# DMARC
-# if there is no AuthservID create it
-if [ `cat /etc/opendmarc.conf | grep -w AuthservID | wc -l` -eq 0 ]; then
-  echo "AuthservID $(hostname)" >> /etc/opendmarc.conf
-fi
-if [ `cat /etc/opendmarc.conf | grep -w TrustedAuthservIDs | wc -l` -eq 0 ]; then
-  echo "TrustedAuthservIDs $(hostname)" >> /etc/opendmarc.conf
-fi
-if [ ! -f "/etc/opendmarc/ignore.hosts" ]; then
-  mkdir -p /etc/opendmarc/
-  echo "localhost" >> /etc/opendmarc/ignore.hosts
-fi
-
 # SSL Configuration
 case $SSL_TYPE in
   "letsencrypt" )

test/tests.bats

@@ -379,22 +379,6 @@
   [ "$output" -eq 4 ]
 }
 
-#
-# opendmarc
-#
-
-@test "checking opendkim: server fqdn should be added to /etc/opendmarc.conf as AuthservID" {
-  run docker exec mail grep ^AuthservID /etc/opendmarc.conf
-  [ "$status" -eq 0 ]
-  [ "$output" = "AuthservID mail.my-domain.com" ]
-}
-
-@test "checking opendkim: server fqdn should be added to /etc/opendmarc.conf as TrustedAuthservIDs" {
-  run docker exec mail grep ^TrustedAuthservID /etc/opendmarc.conf
-  [ "$status" -eq 0 ]
-  [ "$output" = "TrustedAuthservIDs mail.my-domain.com" ]
-}
-
 #
 # ssl
 #