From: millert <millert@openbsd.org>
Date: Sat, 13 Dec 2014 13:36:03 +0000 (+0000)
Subject: Add DKIM signing example based on eric@'s asiabsdcon slides
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=c8f9936f6da0d18ffe26b68d1a2f28abf6ad5231;p=openbsd

Add DKIM signing example based on eric@'s asiabsdcon slides
OK gilles@ jmc@
---

diff --git a/usr.sbin/smtpd/smtpd.conf.5 b/usr.sbin/smtpd/smtpd.conf.5
index 81964977c23..f901bedb792 100644
--- a/usr.sbin/smtpd/smtpd.conf.5
+++ b/usr.sbin/smtpd/smtpd.conf.5
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: smtpd.conf.5,v 1.122 2014/11/19 04:05:44 schwarze Exp $
+.\"	$OpenBSD: smtpd.conf.5,v 1.123 2014/12/13 13:36:03 millert Exp $
 .\"
 .\" Copyright (c) 2008 Janne Johansson <jj@openbsd.org>
 .\" Copyright (c) 2009 Jacek Masiulaniec <jacekm@dobremiasto.net>
@@ -17,7 +17,7 @@
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
 .\"
-.Dd $Mdocdate: November 19 2014 $
+.Dd $Mdocdate: December 13 2014 $
 .Dt SMTPD.CONF 5
 .Os
 .Sh NAME
@@ -968,6 +968,22 @@ accept from any for domain example.org \e
 	deliver to mda "/path/to/mda \-f \-"
 accept for any relay
 .Ed
+.Pp
+For sites that wish to sign messages using DKIM, the
+.Em dkimproxy
+package may be used as a filter.
+The following example is the same as the default configuration,
+but all outgoing mail is passed to dkimproxy_out on port 10027
+for signing.
+The signed messages are received on port 10028 and tagged for relaying.
+.Bd -literal -offset indent
+listen on lo0
+listen on lo0 port 10028 tag DKIM
+table aliases db:/etc/mail/aliases.db
+accept for local alias <aliases> deliver to mbox
+accept tagged DKIM for any relay
+accept from local for any relay via smtp://127.0.0.1:10027
+.Ed
 .Sh SEE ALSO
 .Xr mailer.conf 5 ,
 .Xr table 5 ,