#Note: previously installed DKIM milter for sendmail and created a private key and DNS entry as per its instructions. Sendmail was able to sign messages sent at the command line.
#We are told openemm does not, as it creates its own mail queue which sendmail blindly sends, and none of sendmail's filters are processed
#Sendmail was also correctly set up to deal with incoming openemm email with the bav milter. As per openemm instructions
#Openemm was installed to /home/openemm as per instructions
Go to wherever you download your source code
#DNS
wget http://www.dnspython.org/kits/1.7.1/dns ... 7.1.tar.gz
tar -zxvf dnspython-1.7.1.tar.gz
cd dnspython-1.7.1
python setup.py install
cd ..
#dkim
wget http://hewgill.com/pydkim/pydkim-0.3.tar.gz
tar -zxvf pydkim-0.3.tar.gz
cd pydkim-0.3
python setup.py install
cd ..
#hashlib (only needed on Python 2.4 and before; included in newer ones)
wget http://code.krypto.org/python/hashlib/h ... 119.tar.gz
tar -zxvf hashlib-20081119.tar.gz
cd hashlib-20081119
python setup.py install
cd ..
#testing add include for dkim to headers.
e.g. the other imports are at
36d35
< import dkim
su openemm
/home/openemm/bin/OpenEMM.sh stop
cd /home/openemm
./bin/scripts/semu.py
#(will probably complain something already running, if you get this far all includes worked.).
#Verify you have set up dkim properly; refer to dkim-milter docs
dkim-testkey -d mydomain.com -k /data/dkim/mydomain.private -s mydomain
The below is the diff I got running after I made some changes, sorry so much is hardcoded for now, first time I've ever written any python.
#diff bin/scripts/semu.py bin/scripts/semu.pyold
36d35
< import dkim
556,583d554
< dkimkeypath = "/data/dkim/mydomain.private"
< selector="mydomain"
< domain="mydomain.com"
< dkimlog='/home/openemm/var/log/dkim.log'
< DKIMheaders=['To','Subject','From']
< try:
< fd = open (dkimkeypath)
< dkimkey = fd.read ()
< fd.close ()
< except IOError, e:
< dkimkey = None
< agn.log (agn.LV_ERROR, self.mid, 'Failed to read dkimkeypath file %s: %s' % (dkimkeypath, `e.args`))
< try:
< fd = open (dkimlog, 'a')
< DKIMSignature = dkim.sign(self.mail,selector,domain,dkimkey,include_headers=DKIMheaders,debuglog=fd)
< fd.close ()
< agn.log (agn.LV_ERROR, self.mid, 'DKIMSignature not added yet %s' % (DKIMSignature))
< tempmail = DKIMSignature
< tempmail += self.mail
< fd = open (dkimlog, 'a')
< fd.write("\n-------\n")
< fd.write(tempmail)
< fd.write("\n-------\n")
< fd.close ()
< self.mail=tempmail
< except dkim.DKIMException, e:
< DKIMSignature = None
< agn.log (agn.LV_ERROR, self.mid, 'Failed to read DKIMException file %s: %s' % (dkimkeypath, `e.args`))
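Review bot: When the key file cannot be read, the `except IOError` branch sets `dkimkey = None`, but the second try block still calls `dkim.sign(...)` with that None key and only catches `dkim.DKIMException`, so an unreadable key is not handled as a signing failure. Wrap the signing block in `if dkimkey is not None:` so the mail is sent unsigned with the error already logged, rather than depending on what dkim.sign does with None. Smaller points in the same block: the success path logs 'DKIMSignature not added yet' at `agn.LV_ERROR`, the DKIMException handler says 'Failed to read DKIMException file' and prints the key path although the failure is in signing, and every complete signed message is appended to dkim.log, which puts recipient addresses and bodies into a file that grows with each send; drop that write or put it behind a debug switch.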
/home/openemm/bin/OpenEMM.sh stop
#Openemm appears to write mail differently depending on if it is using sendmail directly or not - as I can't figure out what to change if it uses sendmail we turn it off
/home/openemm/bin/sendmail-disable.sh
#Because semu on its own is a pretty rubbish mailer, e.g. could not send email to somemeail@test.myiptest.com, so we tell it to relay through local sendmail (or your ISP)
echo "127.0.0.1" > /home/openemm/conf/smart-relay
#cause sendmail still does it better
/etc/init.d/sendmail start
/home/openemm/bin/OpenEMM.sh start
Go to www.myiptest.com and its DKIM test page. Follow instructions to get a one-time mail address, go to openemm, add the email address as administrator and send test mail to administrators (cc yourself as well so you can see what a DKIM header looks like). It will check there is a DKIM header and that it matches the key in your DNS record which you set up following dkim-milter instructions.
Not tested that bounces still work - can't see why they wouldn't, as semu.py and sendmail run on different ports (I have not done the port redirection thing). So sendmail should still handle incoming bounces correctly.
Feedback - particularly improvements to me rubbish code appreciated.
Anyone got a clue how to do something similar while leaving openemm in sendmail-enable mode?
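
A check that can be run on a message saved from the test send, as an added example that is not part of the original post or of OpenEMM: it parses the DKIM-Signature header, confirms that d=, s= and h= match the domain, selector and DKIMheaders values hardcoded in the diff, and returns the DNS name where the public key must be published. It is written for Python 3 (the post's code is Python 2), the function names are hypothetical, and the sample message is constructed with placeholder bh= and b= values; it does not verify the signature itself.

```python
# Added example (Python 3, standard library only); not code from the post or OpenEMM.
import email
import re

# Constructed sample: bh= and b= are placeholders, not a valid signature.
SAMPLE = (
    "DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=mydomain.com;\n"
    " s=mydomain; h=to : subject : from;\n"
    " bh=Q09OU1RSVUNURUQ=; b=Q09OU1RSVUNURUQ=\n"
    "To: test@example.com\n"
    "Subject: test\n"
    "From: admin@mydomain.com\n"
    "\nbody\n"
)

def parse_dkim_tags(value):
    """Unfold a DKIM-Signature value and split its tag=value list."""
    unfolded = re.sub(r"\r?\n[ \t]+", " ", value)
    tags = {}
    for part in unfolded.split(";"):
        if "=" in part:
            name, val = part.split("=", 1)
            tags[name.strip()] = val.strip()
    return tags

def check_signature(raw_message, domain, selector, required_headers):
    """Return (problems, dns_name) for the first DKIM-Signature header."""
    value = email.message_from_string(raw_message).get("DKIM-Signature")
    if value is None:
        return ["no DKIM-Signature header"], None
    tags = parse_dkim_tags(value)
    problems = []
    if tags.get("d", "").lower() != domain.lower():
        problems.append("d= is %r, expected %r" % (tags.get("d"), domain))
    if tags.get("s") != selector:
        problems.append("s= is %r, expected %r" % (tags.get("s"), selector))
    signed = [h.strip().lower() for h in tags.get("h", "").split(":")]
    for header in required_headers:
        if header.lower() not in signed:
            problems.append("header %s is not covered by h=" % header)
    for tag in ("bh", "b"):
        if not tags.get(tag):
            problems.append("%s= is missing or empty" % tag)
    # TXT record a verifier will look up for the public key.
    dns_name = "%s._domainkey.%s" % (tags.get("s"), tags.get("d"))
    return problems, dns_name

if __name__ == "__main__":
    print(check_signature(SAMPLE, "mydomain.com", "mydomain", ["To", "Subject", "From"]))
```

An empty problems list only means the header is shaped as the diff intends; the myiptest.com check or dkim-testkey is still what confirms the key in DNS matches.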