Add dkim support (patch developed by Florian)

Author: tbrehm

install/sql/incremental/upd_0052.sql

@@ -0,0 +1,3 @@
+ALTER TABLE `mail_domain` ADD `dkim_public` MEDIUMTEXT NOT NULL AFTER `domain`;
+ALTER TABLE `mail_domain` ADD `dkim_private` MEDIUMTEXT NOT NULL AFTER `domain`;
+ALTER TABLE `mail_domain` ADD `dkim` ENUM( 'n', 'y' ) NOT NULL AFTER `domain`;

install/sql/ispconfig3.sql

@@ -663,6 +663,9 @@ CREATE TABLE `mail_domain` (
   `sys_perm_other` varchar(5) NOT NULL default '',
   `server_id` int(11) unsigned NOT NULL default '0',
   `domain` varchar(255) NOT NULL default '',
+  `dkim` ENUM( 'n', 'y' ) NOT NULL default 'n',
+  `dkim_private` mediumtext NOT NULL default '',
+  `dkim_public` mediumtext NOT NULL default '',
   `active` enum('n','y') NOT NULL,
   PRIMARY KEY  (`domain_id`),
   KEY `server_id` (`server_id`,`domain`),
@@ -2172,4 +2175,4 @@ INSERT INTO `sys_user` (`userid`, `sys_userid`, `sys_groupid`, `sys_perm_user`,
 
 INSERT INTO sys_config VALUES ('1','db','db_version','3.0.5.2');
 
-SET FOREIGN_KEY_CHECKS = 1;
+SET FOREIGN_KEY_CHECKS = 1;

install/tpl/amavisd_user_config.master

@@ -75,6 +75,12 @@ $LOGFILE = "/var/log/amavis.log";  # (defaults to empty, no log)
 # Set the log_level to 5 for debugging
 $log_level = 0;                # (defaults to 0)
 
+# DKIM
+
+$enable_dkim_verification = 1;
+$enable_dkim_signing = 1; # load DKIM signing code,
+@dkim_signature_options_bysender_maps = (
+{ '.' => { ttl => 21*24*3600, c => 'relaxed/simple' } } );
 
 #------------ Do not modify anything below this line -------------
 1;  # insure a defined return

install/tpl/opensuse_amavisd_conf.master

@@ -778,5 +778,11 @@ $spam_admin = undef;
 $DO_SYSLOG = 1;
 $LOGFILE = "/var/log/amavis.log";  # (defaults to empty, no log)
 
+# DKIM
+
+$enable_dkim_verification = 1;
+$enable_dkim_signing = 1; # load DKIM signing code,
+@dkim_signature_options_bysender_maps = (
+{ '.' => { ttl => 21*24*3600, c => 'relaxed/simple' } } );
 
 1;  # insure a defined return

install/tpl/server.ini.master

@@ -21,6 +21,7 @@ backup_mode=rootgz
 module=postfix_mysql
 maildir_path=/var/vmail/[domain]/[localpart]
 homedir_path=/var/vmail
+dkim_path=/etc/postfix/dkim
 pop3_imap_daemon=courier
 mail_filter_syntax=maildrop
 mailuser_uid=5000

interface/lib/classes/validate_dkim.inc.php

@@ -0,0 +1,60 @@
+<?php
+
+/*
+Copyright (c) 2007 - 2013, Till Brehm, projektfarm Gmbh
+Copyright (c) 2013, Florian Schaal, info@schaal-24.de
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+class validate_dkim {
+	
+	function get_error($errmsg) {
+		global $app;
+        	if(isset($app->tform->wordbook[$errmsg])) {
+			return $app->tform->wordbook[$errmsg]."<br>\r\n";
+		} else {
+			return $errmsg."<br>\r\n";
+		}
+    	}
+    
+    	/* Validator function for private DKIM-Key */
+    	function check_private_key($field_name, $field_value, $validator) {
+		$dkim_enabled=$_POST['dkim'];
+		if ($dkim_enabled == 'y') {
+			if (empty($field_value)) return $this->get_error($validator['errmsg']);
+			exec('echo "'.$field_value.'"|openssl rsa -check',$output,$result);
+			if($result != 0) return $this->get_error($validator['errmsg']);
+		}
+	}
+
+	/* Validator function for DKIM Path */
+	function check_dkim_path($field_name, $field_value, $validator) {
+		if(empty($field_value)) return $this->get_error($validator['errmsg']);
+		if (substr(sprintf('%o', fileperms($field_value)),-3) <= 600)
+			return $this->get_error($validator['errmsg']);
+	}
+
+}

interface/web/admin/form/server_config.tform.php

@@ -211,6 +211,19 @@
 			'width' => '40',
 			'maxlength' => '255'
 		),
+                'dkim_path' => array(
+                        'datatype' => 'VARCHAR',
+                        'formtype' => 'TEXT',
+                        'default' => '/var/db/dkim',
+                        'validators'    => array (  0 => array ('type'  => 'CUSTOM',
+                                                                'class' => 'validate_dkim',
+                                                                'function' => 'check_dkim_path',
+                                                                'errmsg'=> 'dkim_path_error'),
+                                                 ),
+                        'value' => '',
+                        'width' => '40',
+                        'maxlength' => '255'
+                ),
 		'pop3_imap_daemon' => array(
 			'datatype' => 'VARCHAR',
 			'formtype' => 'SELECT',

interface/web/admin/lib/lang/en_server_config.lng

@@ -30,6 +30,8 @@ $wb["fastcgi_bin_txt"] = 'FastCGI Bin';
 $wb["module_txt"] = 'Module';
 $wb["maildir_path_txt"] = 'Maildir Path';
 $wb["homedir_path_txt"] = 'Homedir Path';
+$wb["dkim_path_txt"] = 'DKIM Path';
+$wb["dkim_path_error"] = 'DKIM Path not found or not writeable.';
 $wb["mailuser_uid_txt"] = 'Mailuser UID';
 $wb["mailuser_gid_txt"] = 'Mailuser GID';
 $wb["mailuser_name_txt"] = 'Mailuser Name';

interface/web/admin/templates/server_config_mail_edit.htm

@@ -19,6 +19,10 @@ <h2><tmpl_var name="list_head_txt"></h2>
                 <label for="homedir_path">{tmpl_var name='homedir_path_txt'}</label>
                 <input name="homedir_path" id="homedir_path" value="{tmpl_var name='homedir_path'}" size="40" maxlength="255" type="text" class="textInput" />
             </div>
+            <div class="ctrlHolder">
+                <label for="dkim_path">{tmpl_var name='dkim_path_txt'}</label>
+                <input name="dkim_path" id="dkim_path" value="{tmpl_var name='dkim_path'}" size="40" maxlength="255" type="text" class="textInput" />
+            </div>
             <div class="ctrlHolder">
                 <p class="label">{tmpl_var name='pop3_imap_daemon_txt'}</p>
                 <div class="multiField">
@@ -95,4 +99,4 @@ <h2><tmpl_var name="list_head_txt"></h2>
         </div>
     </div>
 
-</div>
+</div>

interface/web/mail/form/mail_domain.tform.php

@@ -98,6 +98,33 @@
 			'maxlength'	=> '255',
 			'searchable' => 1
 		),
+                'dkim' => array (
+                        'datatype'      => 'VARCHAR',
+                        'formtype'      => 'CHECKBOX',
+                        'default'       => 'n',
+                        'value'         => array(0 => 'n',1 => 'y')
+                ),
+                'dkim_private' => array (
+                        'datatype'      => 'TEXT',
+                        'formtype'      => 'TEXTAREA',
+                        'default'       => '',
+                        'value'         => '',
+                        'cols'          => '30',
+                        'rows'          => '10',
+                        'validators'    => array (  0 => array ('type'  => 'CUSTOM',
+                                                                'class' => 'validate_dkim',
+                                                                'function' => 'check_private_key',
+                                                                'errmsg'=> 'dkim_private_key_error'),
+                                    ),
+                ),
+                'dkim_public' => array (
+                        'datatype'      => 'TEXT',
+                        'formtype'      => 'TEXTAREA',
+                        'default'       => '',
+                        'value'         => '',
+                        'cols'          => '30',
+                        'rows'          => '10'
+                ),
 		'active' => array (
 			'datatype'	=> 'VARCHAR',
 			'formtype'	=> 'CHECKBOX',
@@ -111,4 +138,4 @@
 );
 
 
-?>
+?>