SERVER=
OPT=
+FAKE =
.include DIR/aux-var/std_conf_prefix
# ----- Main settings -----
-acl_smtp_rcpt = accept
-acl_smtp_dkim = accept logwrite = signer: $dkim_cur_signer bits: $dkim_key_length h=$dkim_headernames
+acl_smtp_rcpt = accept logwrite = rcpt acl: macro: _DKIM_SIGN_HEADERS
+acl_smtp_dkim = accept logwrite = dkim_acl: signer: $dkim_cur_signer bits: $dkim_key_length h=$dkim_headernames
+acl_smtp_data = accept logwrite = data acl: dkim status $dkim_verify_status
+
+dkim_verify_signers = $dkim_signers : FAKE
DDIR=DIR/aux-fixed/dkim
+log_selector = -dkim +dkim_verbose
+
# ----- Routers
begin routers
dkim_selector = sel
.endif
- dkim_private_key = ${if match {$dkim_selector}{^ses} {DDIR/dkim512.private} \
- {${if match {$dkim_selector}{^sel} {DDIR/dkim.private} \
- {}}}}
+ dkim_private_key = ${extract {${length_3:$dkim_selector}} {\
+ ses=dkim512.private \
+ sel=dkim.private \
+ sed=dkim_ed25519.private \
+ }{DDIR/$value}}
.ifndef HEADERS_MAXSIZE
dkim_sign_headers = OPT
+.else
+ dkim_identity = allheaders@$dkim_domain
.endif
.ifdef VALUE
dkim_hash = VALUE
.endif
+.ifdef STRICT
+ dkim_strict = STRICT
+.endif
# End