We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
DKIM, DMARC, SPF Automatization
DKIM, DMARC, SPF Automatization
As far as I know there is no automation for proper
DKIM, DMARC, SPF - DNS records.
It always takes me some time and efforts to make DKIM 2048 bits signiture.
I also add DMARC and SPF records to qualify mail-server demands.
Did anybody try to make some modifications in Vesta CP to get
proper DKIM, DMARC, SPF records?
The task is to make DNS records like this
---
This is
DKIM public key 2048 bytes
SPF records of SPF and TXT type
DMAR record
If I will do it for myself, I will share the solution.
DKIM, DMARC, SPF - DNS records.
It always takes me some time and efforts to make DKIM 2048 bits signiture.
I also add DMARC and SPF records to qualify mail-server demands.
Did anybody try to make some modifications in Vesta CP to get
proper DKIM, DMARC, SPF records?
The task is to make DNS records like this
---
Code: Select all
@ 14400 IN TXT "v=spf1 a mx ip4:80.69.77.192 a:pir.org ~all"
@ 14400 IN SPF "v=spf1 a mx ip4:80.69.77.192 a:pir.org ~all"
_domainkey 14400 IN TXT "t=y; o=~;"
mail._domainkey 14400 IN TXT ("k=rsa; p=MBLABLABLABLAqhkiG9w0BAQEBLABLABLABLABLABLABLABLArDMSrWchlsv+4/1Zf6m"
"ACjBLABLABLABLABLABLABLABLAaRUYn9VcZTbLRZOtvfgPXvxMBLABLABLABLAhF+ul6mC4YvdhIYfYoG7TbGU"
"xlTEx+T7Ox9YXUEBan1vF1Ddg4UBW1Ig1EEm5ZHMj+HHgXlA7Y427ocMyc+/I7OTBLABLABLABLA4HzfWybJ6EfvjI6VurR"
"9CFIXP7a9tMxP23zgv5p+MQ92z7TVyyYtYGu7eAj4lN9ITXJJ8T1rPBLABLABLABLAktpQdOjLEFKkPBp1ZuRl"
"DXGOTv5s30hn8lg9iADoEwIDAQAB")
_adsp._domainkey 14400 IN TXT "dkim=all"
_dmarc 14400 IN TXT ("v=DMARC1; p=reject; sp=none;"
"rua=mailto:[email protected]; ruf=mailto:[email protected]; rf=afrf; pct=100; ri=3600")
DKIM public key 2048 bytes
SPF records of SPF and TXT type
DMAR record
If I will do it for myself, I will share the solution.
Re: DKIM, DMARC, SPF Automatization
v-add-mail-domain-dkim
Code: Select all
#!/bin/bash
# info: add mail domain dkim support
# options: USER DOMAIN [DKIM_SIZE]
#
# The function adds DKIM signature to outgoing domain emails.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument defenition
user=$1
domain=$(idn -t --quiet -u "$2" )
domain=$(echo $domain | tr '[:upper:]' '[:lower:]')
domain_idn=$(idn -t --quiet -a "$domain")
dkim_size=${3-1024}
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Define mail user
if [ "$MAIL_SYSTEM" = 'exim4' ]; then
MAIL_USER=Debian-exim
else
MAIL_USER=exim
fi
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [DKIM_SIZE]'
is_format_valid 'user' 'domain' 'dkim_size'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
is_object_value_empty 'mail' 'DOMAIN' "$domain" '$DKIM'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating dkim
openssl genrsa -out $USER_DATA/mail/$domain.pem $dkim_size &>/dev/null
openssl rsa -pubout -in $USER_DATA/mail/$domain.pem \
-out $USER_DATA/mail/$domain.pub &>/dev/null
chmod 660 $USER_DATA/mail/$domain.*
# Adding dkim keys
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
cp $USER_DATA/mail/$domain.pem $HOMEDIR/$user/conf/mail/$domain/dkim.pem
chown $MAIL_USER:mail $HOMEDIR/$user/conf/mail/$domain/dkim.pem
chmod 660 $HOMEDIR/$user/conf/mail/$domain/dkim.pem
fi
# Adding dns records
if [ ! -z "$DNS_SYSTEM" ] && [ -e "$USER_DATA/dns/$domain.conf" ]; then
p=$(cat $USER_DATA/mail/$domain.pub |grep -v ' KEY---' |tr -d '\n')
record='_domainkey'
policy="\"t=y; o=~;\""
$BIN/v-add-dns-record $user $domain $record TXT "$policy"
record='mail._domainkey'
selector="\"k=rsa\; p=$p\""
$BIN/v-add-dns-record $user $domain $record TXT "$selector"
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Adding dkim in config
update_object_value 'mail' 'DOMAIN' "$domain" '$DKIM' 'yes'
increase_user_value "$user" '$U_MAIL_DKMI'
# Logging
log_history "enabled DKIM support for $domain"
log_event "$OK" "$EVENT"
exit