smeserver-qpsmtpd/root/sbin/e-smith/qpsmtpd-print-dns

81 lines
2.2 KiB
Perl

#!/usr/bin/perl -w
use esmith::ConfigDB;
use esmith::DomainsDB;
my $c = esmith::ConfigDB->open_ro || die "Couldn't open the configuration database";
my $d = esmith::DomainsDB->open_ro || die "Couldn't open the domains database";
my $domain = shift || $c->get('DomainName')->value;
die "Domain $domain doesn't exist"
unless ($d->get($domain) && $d->get($domain)->prop('type') eq 'domain');
warn "DKIM Signing is disabled for domain $domain"
if (($d->get($domain)->prop('DKIMSigning') || 'enabled') eq 'disabled');
die "Can't find DKIM keys for domain $domain"
unless (-e "/var/service/qpsmtpd/config/dkim/$domain/public");
die "Can't find the selector for domain $domain"
unless (-e "/var/service/qpsmtpd/config/dkim/$domain/selector");
print <<'_EOF';
Here are sample DNS entries you should add in your public DNS.
There are two DKIM key copies.
Depending on your provider you might be able to copy these as is.
The first has a complete DKIM key with no "" breaks.
The second has the DKIM entry broken into 255 character chunks
with quotes for providers who cannot support long strings.
You may need to separate these with either a space, a newline or
a backslash escaped newline between the "" depending on your
dns provider.
You should either change the reporting email address for DMARC
or create the needed pseudonym 'dmarc-feedback'.
_EOF
my $key_string = "v=DKIM1;p=";
open PUBKEY, "/var/service/qpsmtpd/config/dkim/$domain/public";
while(<PUBKEY>){
next if /^\-/;
chomp;
$key_string .= $_;
}
close PUBKEY;
$key_string .= ";t=y";
open SEL, "/var/service/qpsmtpd/config/dkim/$domain/selector";
my $selector = <SEL>;
chomp $selector;
close SEL;
print "DKIM complete\n";
print "=============\n";
print " \n";
print "$selector._domainkey IN TXT $key_string\n";
my @key_chunks = ( $key_string =~ /.{1,255}/g );
my $txt = '';
$txt .= '"' . $_ . '"' foreach (@key_chunks);
print " \n";
print "DKIM in 255 character chunks\n";
print "============================\n";
print " \n";
print <<"_EOF";
$selector._domainkey IN TXT $txt
\n
DMARC records
=============
\@ IN SPF "v=spf1 mx a -all"
\@ IN TXT "v=spf1 mx a -all"
_dmarc IN TXT "v=DMARC1; p=none; adkim=s; aspf=r; rua=mailto:dmarc-feedback\@$domain; pct=100"
_EOF