opendkim package creation

Signed-off-by: webbuilder_pel7ppc64lebuilder0 <webbuilder@powerel.org>

SOURCES/0001-support-for-lua-5.3.patch

@@ -0,0 +1,271 @@
+From b15794f391547a983c64afed029a883fed3c3c1c Mon Sep 17 00:00:00 2001
+From: Matt Domsch <matt@domsch.com>
+Date: Sat, 25 Apr 2020 23:04:38 -0500
+Subject: [PATCH] support for lua 5.3
+
+---
+ miltertest/miltertest.c | 14 +++----
+ opendkim/opendkim-lua.c | 82 +++++++++++++++++++++++++----------------
+ 2 files changed, 58 insertions(+), 38 deletions(-)
+
+diff --git a/miltertest/miltertest.c b/miltertest/miltertest.c
+index 04e50c04..37dc601d 100644
+--- a/miltertest/miltertest.c
++++ b/miltertest/miltertest.c
+@@ -4009,12 +4009,12 @@ main(int argc, char **argv)
+ 	}
+ 
+ 	/* register functions */
+-#if LUA_VERSION_NUM == 502
+-        luaL_newlib(l, mt_library);
++#if LUA_VERSION_NUM >= 502
++	luaL_newlib(l, mt_library);
+ 	lua_setglobal(l, "mt");
+-#else /* LUA_VERSION_NUM == 502 */
++#else /* LUA_VERSION_NUM >= 502 */
+ 	luaL_register(l, "mt", mt_library);
+-#endif /* LUA_VERSION_NUM == 502 */
++#endif /* LUA_VERSION_NUM >= 502 */
+ 	lua_pop(l, 1);
+ 
+ 	/* register constants */
+@@ -4163,13 +4163,13 @@ main(int argc, char **argv)
+ 	lua_setglobal(l, "SMFIF_SETSYMLIST");
+ #endif /* SMFIF_SETSYMLIST */
+ 
+-#if LUA_VERSION_NUM == 502
++#if LUA_VERSION_NUM >= 502
+ 	switch (lua_load(l, mt_lua_reader, (void *) &io,
+ 	                 script == NULL ? "(stdin)" : script, NULL))
+-#else /* LUA_VERSION_NUM == 502 */
++#else /* LUA_VERSION_NUM >= 502 */
+ 	switch (lua_load(l, mt_lua_reader, (void *) &io,
+ 	                 script == NULL ? "(stdin)" : script))
+-#endif /* LUA_VERSION_NUM == 502 */
++#endif /* LUA_VERSION_NUM >= 502 */
+ 	{
+ 	  case 0:
+ 		break;
+diff --git a/opendkim/opendkim-lua.c b/opendkim/opendkim-lua.c
+index 4720862c..3786aa4b 100644
+--- a/opendkim/opendkim-lua.c
++++ b/opendkim/opendkim-lua.c
+@@ -285,11 +285,11 @@ dkimf_lua_alloc(void *ud, void *ptr, size_t osize, size_t nsize)
+ 		free(ptr);
+ 		return NULL;
+ 	}
+-# if LUA_VERSION_NUM == 502
++# if LUA_VERSION_NUM >= 502
+ 	else if (nsize != 0 && ptr == NULL)
+-# else /* LUA_VERSION_NUM == 502 */
++# else /* LUA_VERSION_NUM >= 502 */
+ 	else if (nsize != 0 && osize == 0)
+-# endif /* LUA_VERSION_NUM == 502 */
++# endif /* LUA_VERSION_NUM >= 502 */
+ 	{
+ 		return malloc(nsize);
+ 	}
+@@ -485,12 +485,12 @@ dkimf_lua_setup_hook(void *ctx, const char *script, size_t scriptlen,
+ 	**  Register functions.
+ 	*/
+ 
+-# if LUA_VERSION_NUM == 502
++# if LUA_VERSION_NUM >= 502
+ 	luaL_newlib(l, dkimf_lua_lib_setup);
+ 	lua_setglobal(l, "odkim");
+-# else /* LUA_VERSION_NUM == 502 */
++# else /* LUA_VERSION_NUM >= 502 */
+ 	luaL_register(l, "odkim", dkimf_lua_lib_setup);
+-# endif /* LUA_VERSION_NUM == 502 */
++# endif /* LUA_VERSION_NUM >= 502 */
+ 	lua_pop(l, 1);
+ 
+ 	/*
+@@ -532,11 +532,11 @@ dkimf_lua_setup_hook(void *ctx, const char *script, size_t scriptlen,
+ 	/* import other globals */
+ 	dkimf_import_globals(ctx, l);
+ 
+-# if LUA_VERSION_NUM == 502
++# if LUA_VERSION_NUM >= 502
+ 	switch (lua_load(l, dkimf_lua_reader, (void *) &io, name, NULL))
+-# else /* LUA_VERSION_NUM == 502 */
++# else /* LUA_VERSION_NUM >= 502 */
+ 	switch (lua_load(l, dkimf_lua_reader, (void *) &io, name))
+-# endif /* LUA_VERSION_NUM == 502 */
++# endif /* LUA_VERSION_NUM >= 502 */
+ 	{
+ 	  case 0:
+ 		break;
+@@ -564,8 +564,12 @@ dkimf_lua_setup_hook(void *ctx, const char *script, size_t scriptlen,
+ 		io.lua_io_len = 0;
+ 		io.lua_io_alloc = 0;
+ 
++#if LUA_VERSION_NUM >= 503
++		if (lua_dump(l, dkimf_lua_writer, &io, 0) == 0)
++#else
+ 		if (lua_dump(l, dkimf_lua_writer, &io) == 0)
+-		{
++#endif
++	        {
+ 			*keep = (void *) io.lua_io_script;
+ 			*funclen = io.lua_io_len;
+ 		}
+@@ -640,12 +644,12 @@ dkimf_lua_screen_hook(void *ctx, const char *script, size_t scriptlen,
+ 	**  Register functions.
+ 	*/
+ 
+-# if LUA_VERSION_NUM == 502
++# if LUA_VERSION_NUM >= 502
+ 	luaL_newlib(l, dkimf_lua_lib_screen);
+ 	lua_setglobal(l, "odkim");
+-# else /* LUA_VERSION_NUM == 502 */
++# else /* LUA_VERSION_NUM >= 502 */
+ 	luaL_register(l, "odkim", dkimf_lua_lib_screen);
+-# endif /* LUA_VERSION_NUM == 502 */
++# endif /* LUA_VERSION_NUM >= 502 */
+ 	lua_pop(l, 1);
+ 
+ 	/*
+@@ -677,11 +681,11 @@ dkimf_lua_screen_hook(void *ctx, const char *script, size_t scriptlen,
+ 	/* import other globals */
+ 	dkimf_import_globals(ctx, l);
+ 
+-# if LUA_VERSION_NUM == 502
++# if LUA_VERSION_NUM >= 502
+ 	switch (lua_load(l, dkimf_lua_reader, (void *) &io, name, NULL))
+-# else /* LUA_VERSION_NUM == 502 */
++# else /* LUA_VERSION_NUM >= 502 */
+ 	switch (lua_load(l, dkimf_lua_reader, (void *) &io, name))
+-# endif /* LUA_VERSION_NUM == 502 */
++# endif /* LUA_VERSION_NUM >= 502 */
+ 	{
+ 	  case 0:
+ 		break;
+@@ -709,7 +713,11 @@ dkimf_lua_screen_hook(void *ctx, const char *script, size_t scriptlen,
+ 		io.lua_io_len = 0;
+ 		io.lua_io_alloc = 0;
+ 
++#if LUA_VERSION_NUM >= 503
++		if (lua_dump(l, dkimf_lua_writer, &io, 0) == 0)
++#else		  
+ 		if (lua_dump(l, dkimf_lua_writer, &io) == 0)
++#endif
+ 		{
+ 			*keep = (void *) io.lua_io_script;
+ 			*funclen = io.lua_io_len;
+@@ -785,12 +793,12 @@ dkimf_lua_stats_hook(void *ctx, const char *script, size_t scriptlen,
+ 	**  Register functions.
+ 	*/
+ 
+-# if LUA_VERSION_NUM == 502
++# if LUA_VERSION_NUM >= 502
+ 	luaL_newlib(l, dkimf_lua_lib_stats);
+ 	lua_setglobal(l, "odkim");
+-# else /* LUA_VERSION_NUM == 502 */
++# else /* LUA_VERSION_NUM >= 502 */
+ 	luaL_register(l, "odkim", dkimf_lua_lib_stats);
+-# endif /* LUA_VERSION_NUM == 502 */
++# endif /* LUA_VERSION_NUM >= 502 */
+ 	lua_pop(l, 1);
+ 
+ 	/*
+@@ -914,11 +922,11 @@ dkimf_lua_stats_hook(void *ctx, const char *script, size_t scriptlen,
+ 	/* import other globals */
+ 	dkimf_import_globals(ctx, l);
+ 
+-# if LUA_VERSION_NUM == 502
++# if LUA_VERSION_NUM >= 502
+ 	switch (lua_load(l, dkimf_lua_reader, (void *) &io, name, NULL))
+-# else /* LUA_VERSION_NUM == 502 */
++# else /* LUA_VERSION_NUM >= 502 */
+ 	switch (lua_load(l, dkimf_lua_reader, (void *) &io, name))
+-# endif /* LUA_VERSION_NUM == 502 */
++# endif /* LUA_VERSION_NUM >= 502 */
+ 	{
+ 	  case 0:
+ 		break;
+@@ -946,7 +954,11 @@ dkimf_lua_stats_hook(void *ctx, const char *script, size_t scriptlen,
+ 		io.lua_io_len = 0;
+ 		io.lua_io_alloc = 0;
+ 
++#if LUA_VERSION_NUM >= 503
++		if (lua_dump(l, dkimf_lua_writer, &io, 0) == 0)
++#else
+ 		if (lua_dump(l, dkimf_lua_writer, &io) == 0)
++#endif
+ 		{
+ 			*keep = (void *) io.lua_io_script;
+ 			*funclen = io.lua_io_len;
+@@ -1022,12 +1034,12 @@ dkimf_lua_final_hook(void *ctx, const char *script, size_t scriptlen,
+ 	**  Register functions.
+ 	*/
+ 
+-# if LUA_VERSION_NUM == 502
++# if LUA_VERSION_NUM >= 502
+ 	luaL_newlib(l, dkimf_lua_lib_final);
+ 	lua_setglobal(l, "odkim");
+-# else /* LUA_VERSION_NUM == 502 */
++# else /* LUA_VERSION_NUM >= 502 */
+ 	luaL_register(l, "odkim", dkimf_lua_lib_final);
+-# endif /* LUA_VERSION_NUM == 502 */
++# endif /* LUA_VERSION_NUM >= 502 */
+ 	lua_pop(l, 1);
+ 
+ 	/*
+@@ -1151,11 +1163,11 @@ dkimf_lua_final_hook(void *ctx, const char *script, size_t scriptlen,
+ 	/* import other globals */
+ 	dkimf_import_globals(ctx, l);
+ 
+-# if LUA_VERSION_NUM == 502
++# if LUA_VERSION_NUM >= 502
+ 	switch (lua_load(l, dkimf_lua_reader, (void *) &io, name, NULL))
+-# else /* LUA_VERSION_NUM == 502 */
++# else /* LUA_VERSION_NUM >= 502 */
+ 	switch (lua_load(l, dkimf_lua_reader, (void *) &io, name))
+-# endif /* LUA_VERSION_NUM == 502 */
++# endif /* LUA_VERSION_NUM >= 502 */
+ 	{
+ 	  case 0:
+ 		break;
+@@ -1183,7 +1195,11 @@ dkimf_lua_final_hook(void *ctx, const char *script, size_t scriptlen,
+ 		io.lua_io_len = 0;
+ 		io.lua_io_alloc = 0;
+ 
++#if LUA_VERSION_NUM >= 503
++		if (lua_dump(l, dkimf_lua_writer, &io, 0) == 0)
++#else
+ 		if (lua_dump(l, dkimf_lua_writer, &io) == 0)
++#endif		
+ 		{
+ 			*keep = (void *) io.lua_io_script;
+ 			*funclen = io.lua_io_len;
+@@ -1252,11 +1268,11 @@ dkimf_lua_db_hook(const char *script, size_t scriptlen, const char *query,
+ 		lua_pushstring(l, query);
+ 	lua_setglobal(l, "query");
+ 
+-# if LUA_VERSION_NUM == 502
++# if LUA_VERSION_NUM >= 502
+ 	switch (lua_load(l, dkimf_lua_reader, (void *) &io, script, NULL))
+-# else /* LUA_VERSION_NUM == 502 */
++# else /* LUA_VERSION_NUM >= 502 */
+ 	switch (lua_load(l, dkimf_lua_reader, (void *) &io, script))
+-# endif /* LUA_VERSION_NUM == 502 */
++# endif /* LUA_VERSION_NUM >= 502 */
+ 	{
+ 	  case 0:
+ 		break;
+@@ -1284,7 +1300,11 @@ dkimf_lua_db_hook(const char *script, size_t scriptlen, const char *query,
+ 		io.lua_io_len = 0;
+ 		io.lua_io_alloc = 0;
+ 
++#if LUA_VERSION_NUM >= 503
++		if (lua_dump(l, dkimf_lua_writer, &io, 0) == 0)
++#else
+ 		if (lua_dump(l, dkimf_lua_writer, &io) == 0)
++#endif
+ 		{
+ 			*keep = (void *) io.lua_io_script;
+ 			*funclen = io.lua_io_len;
+-- 
+2.25.4
+

SOURCES/KeyTable

@@ -0,0 +1,6 @@
+# OPENDKIM KEY TABLE
+# To use this file, uncomment the #KeyTable option in /etc/opendkim.conf,
+# then uncomment the following line and replace example.com with your domain
+# name, then restart OpenDKIM. Additional keys may be added on separate lines.
+
+#default._domainkey.example.com example.com:default:/etc/opendkim/keys/default.private

SOURCES/README.fedora

@@ -0,0 +1,102 @@
+#####################################
+#FEDORA-SPECIFIC README FOR OPENDKIM#
+#####################################
+Last updated: Apr 30, 2015 by Steve Jenkins (steve@stevejenkins.com)
+
+Generating keys for OpenDKIM
+============================
+After installing the opendkim package, you MUST generate a pair of keys (public and private) before
+attempting to start the opendkim service.
+
+A valid private key must exist in the location expected by /etc/opendkim.conf before the service will start.
+
+A matching public key must be included in your domain's DNS records before remote systems can validate
+your outgoing mail's DKIM signature.
+
+
+Generating Keys Automatically
+=============================
+To automatically create a pair of default keys for the local domain, do:
+
+% sudo /usr/sbin/opendkim-default-keygen
+
+The default keygen script will attempt to fetch the local domain name, generate a private and public key for
+the domain, then save them in /etc/opendkim/keys as default.private and default.txt with the proper
+ownership and permissions.
+
+NOTE: The default key generation script MUST be run by a privileged user (or root). Otherwise, the resulting
+private key ownership and permissions will not be correct.
+
+
+Generating Keys Manually
+========================
+A privileged user (or root) can manually generate a set of keys by doing the following:
+
+1) Create a directory to store the new keys:
+
+% sudo mkdir /etc/opendkim/keys/example.com
+
+2) Generate keys in that directory for a specific domain name and selector:
+
+% sudo /usr/sbin/opendkim-genkey -D /etc/opendkim/keys/example.com/ -d example.com -s default
+
+3) Set the proper ownership for the directory and private key:
+
+% sudo chown -R root:opendkim /etc/opendkim/keys/example.com
+
+4) Set secure permissions for the private key:
+
+% sudo chmod 640 /etc/opendkim/keys/example.com/default.private
+
+5) Set standard permissions for the public key:
+
+% sudo chmod 644 /etc/opendkim/keys/example.com/default.txt
+
+
+Updating Key Location(s) in Configuration Files
+===============================================
+If you run the opendkim-default-keygen script, the default keys will be saved in /etc/opendkim/keys as
+default.private and default.txt, which is the location expected by the default /etc/opendkim.conf file.
+
+If you manually generate your own keys, you must update the key location and name in /etc/opendkim.conf
+before attempting to start the opendkim service.
+
+Using OpenDKIM with SQL Datasets
+================================
+OpenDKIM on RedHat-based systems relies on OpenDBX for database access. Depending on which database you use,
+you may have to manually install one of the following OpenDBX subpackages (all of which are available via yum):
+
+- opendbx-firebird
+- opendbx-mssql
+- opendbx-mysql
+- opendbx-postgresql
+- opendbx-sqlite 
+- opendbx-sqlite2
+- opendbx-sybase
+
+If you have OpenDKIM configured to use SQL datasets on a systemd-based server, it might also be necessary to start
+the opendkim service after the database servers by referencing your database unit file(s) in the "After" section of
+the OpenDKIM unit file.
+
+For example, if using both MariaDB and PostgreSQL, in /usr/lib/systemd/system/opendkim.service change:
+
+After=network.target nss-lookup.target syslog.target
+
+to:
+
+After=network.target nss-lookup.target syslog.target mariadb.service postgresql.service
+
+
+Additional Configuration Help
+=============================
+For help configuring your MTA (Postfix, Sendmail, etc.) with OpenDKIM, setting up DNS records with your
+public DKIM key, as well as instructions on configuring OpenDKIM to sign outgoing mail for multiple
+domains, follow the how-to at:
+
+http://wp.me/p1iGgP-ou
+
+Official documentation for OpenDKIM is available at http://opendkim.org/
+
+OpenDKIM mailing lists are available at http://lists.opendkim.org/
+
+###

SOURCES/SigningTable

@@ -0,0 +1,25 @@
+# OPENDKIM SIGNING TABLE
+# This table controls how to apply one or more signatures to outgoing messages based
+# on the address found in the From: header field. In simple terms, this tells
+# OpenDKIM "how" to apply your keys.
+
+# To use this file, uncomment the SigningTable option in /etc/opendkim.conf,
+# then uncomment one of the usage examples below and replace example.com with your
+# domain name, then restart OpenDKIM.
+
+# WILDCARD EXAMPLE
+# Enables signing for any address on the listed domain(s), but will work only if
+# "refile:/etc/opendkim/SigningTable" is included in /etc/opendkim.conf.
+# Create additional lines for additional domains.
+
+#*@example.com default._domainkey.example.com
+
+# NON-WILDCARD EXAMPLE
+# If "file:" (instead of "refile:") is specified in /etc/opendkim.conf, then
+# wildcards will not work. Instead, full user@host is checked first, then simply host,
+# then user@.domain (with all superdomains checked in sequence, so "foo.example.com"
+# would first check "user@foo.example.com", then "user@.example.com", then "user@.com"),
+# then .domain, then user@*, and finally *. See the opendkim.conf(5) man page under
+# "SigningTable" for more details.
+
+#example.com default._domainkey.example.com

SOURCES/TrustedHosts

@@ -0,0 +1,9 @@
+# OPENDKIM TRUSTED HOSTS
+# To use this file, uncomment the #ExternalIgnoreList and/or the #InternalHosts
+# option in /etc/opendkim.conf then restart OpenDKIM. Additional hosts
+# may be added on separate lines (IP addresses, hostnames, or CIDR ranges).
+# The localhost IP (127.0.0.1) should always be the first entry in this file.
+127.0.0.1
+::1
+#host.example.com
+#192.168.1.0/24

SOURCES/opendkim-2.11.0-comment-separator.patch

@@ -0,0 +1,13 @@
+diff --git a/opendkim/opendkim.c b/opendkim/opendkim.c
+index 803f37b0..c9dd782d 100644
+--- a/opendkim/opendkim.c
++++ b/opendkim/opendkim.c
+@@ -10766,7 +10766,7 @@ dkimf_ar_all_sigs(char *hdr, size_t hdrlen, struct dkimf_dstring *tmpstr,
+  				                     " (%u-bit key%s%s)",
+  				                     keybits,
+  				                     dnssec == NULL ? ""
+- 				                                    : "; ",
++ 				                                    : ", ",
+  				                     dnssec == NULL ? ""
+  				                                    : dnssec);
+  			}

SOURCES/opendkim-systemd-service-simple.patch

@@ -0,0 +1,24 @@
+--- OpenDKIM-2.11.0-Beta2.orig/contrib/systemd/opendkim.service.in	2022-09-05 13:34:39.099662836 -0400
++++ OpenDKIM-2.11.0-Beta2/contrib/systemd/opendkim.service.in	2022-09-05 13:36:33.580356467 -0400
+@@ -8,13 +8,18 @@ Documentation=man:opendkim(8) man:opendk
+ After=network.target nss-lookup.target syslog.target
+ 
+ [Service]
+-Type=forking
+-PIDFile=@localstatedir@/run/opendkim/opendkim.pid
++Type=simple
+ EnvironmentFile=-@sysconfdir@/sysconfig/opendkim
+-ExecStart=@sbindir@/opendkim $OPTIONS
++ExecStart=@sbindir@/opendkim -f $OPTIONS
+ ExecReload=/bin/kill -USR1 $MAINPID
+ User=opendkim
+ Group=opendkim
++Restart=on-failure
++StandardOutput=null
++StandardError=null
++ProtectSystem=strict
++ProtectHome=true
++ReadWritePaths=@logdir@/opendkim
+ 
+ [Install]
+ WantedBy=multi-user.target

SOURCES/opendkim.conf

@@ -0,0 +1,133 @@
+## BASIC OPENDKIM CONFIGURATION FILE
+## See opendkim.conf(5) or /usr/share/doc/opendkim/opendkim.conf.sample for more
+
+## BEFORE running OpenDKIM you must:
+
+## - make your MTA (Postfix, Sendmail, etc.) aware of OpenDKIM
+## - generate keys for your domain (if signing)
+## - edit your DNS records to publish your public keys (if signing)
+
+## See /usr/share/doc/opendkim/INSTALL for detailed instructions.
+
+## DEPRECATED CONFIGURATION OPTIONS
+##
+## The following configuration options are no longer valid.  They should be
+## removed from your existing configuration file to prevent potential issues.
+## Failure to do so may result in opendkim being unable to start.
+##
+## Removed in 2.10.0:
+##   AddAllSignatureResults
+##   ADSPAction
+##   ADSPNoSuchDomain
+##   BogusPolicy
+##   DisableADSP
+##   LDAPSoftStart
+##   LocalADSP
+##   NoDiscardableMailTo
+##   On-PolicyError
+##   SendADSPReports
+##   UnprotectedPolicy
+
+## CONFIGURATION OPTIONS
+
+##  Specifies the path to the process ID file.
+PidFile	/run/opendkim/opendkim.pid
+
+##  Selects operating modes. Valid modes are s (sign) and v (verify). Default is v.
+##  Must be changed to s (sign only) or sv (sign and verify) in order to sign outgoing
+##  messages.
+Mode	v
+
+##  Log activity to the system log.
+Syslog	yes
+
+##  Log additional entries indicating successful signing or verification of messages.
+SyslogSuccess	yes
+
+##  If logging is enabled, include detailed logging about why or why not a message was
+##  signed or verified. This causes an increase in the amount of log data generated
+##  for each message, so set this to No (or comment it out) if it gets too noisy.
+LogWhy	yes
+
+##  Attempt to become the specified user before starting operations.
+UserID	opendkim:opendkim
+
+##  Create a socket through which your MTA can communicate.
+Socket	inet:8891@localhost
+
+##  Required to use local socket with MTAs that access the socket as a non-
+##  privileged user (e.g. Postfix)
+Umask	002
+
+##  This specifies a text file in which to store DKIM transaction statistics.
+##  OpenDKIM must be manually compiled with --enable-stats to enable this feature.
+# Statistics	/var/spool/opendkim/stats.dat
+
+##  Specifies whether or not the filter should generate report mail back
+##  to senders when verification fails and an address for such a purpose
+##  is provided. See opendkim.conf(5) for details.
+SendReports	yes
+
+##  Specifies the sending address to be used on From: headers of outgoing
+##  failure reports.  By default, the e-mail address of the user executing
+##  the filter is used (executing_user@hostname).
+# ReportAddress	"Example.com Postmaster" <postmaster@example.com>
+
+##  Add a DKIM-Filter header field to messages passing through this filter
+##  to identify messages it has processed.
+SoftwareHeader	yes
+
+## SIGNING OPTIONS
+
+##  Selects the canonicalization method(s) to be used when signing messages.
+Canonicalization	relaxed/relaxed
+
+##  Domain(s) whose mail should be signed by this filter. Mail from other domains will
+##  be verified rather than being signed. Uncomment and use your domain name.
+##  This parameter is not required if a SigningTable is in use.
+# Domain	example.com
+
+##  Defines the name of the selector to be used when signing messages.
+Selector	default
+
+##  Specifies the minimum number of key bits for acceptable keys and signatures.
+MinimumKeyBits	1024
+
+##  Gives the location of a private key to be used for signing ALL messages. This
+##  directive is ignored if KeyTable is enabled.
+KeyFile	/etc/opendkim/keys/default.private
+
+##  Gives the location of a file mapping key names to signing keys. In simple terms,
+##  this tells OpenDKIM where to find your keys. If present, overrides any KeyFile
+##  directive in the configuration file. Requires SigningTable be enabled.
+# KeyTable	/etc/opendkim/KeyTable
+
+##  Defines a table used to select one or more signatures to apply to a message based
+##  on the address found in the From: header field. In simple terms, this tells
+##  OpenDKIM how to use your keys. Requires KeyTable be enabled.
+# SigningTable	refile:/etc/opendkim/SigningTable
+
+##  Identifies a set of "external" hosts that may send mail through the server as one
+##  of the signing domains without credentials as such.
+# ExternalIgnoreList	refile:/etc/opendkim/TrustedHosts
+
+##  Identifies a set "internal" hosts whose mail should be signed rather than verified.
+# InternalHosts	refile:/etc/opendkim/TrustedHosts
+
+##  Contains a list of IP addresses, CIDR blocks, hostnames or domain names
+##  whose mail should be neither signed nor verified by this filter.  See man
+##  page for file format.
+# PeerList	X.X.X.X
+
+##  Always oversign From (sign using actual From and a null From to prevent
+##  malicious signatures header fields (From and/or others) between the signer
+##  and the verifier.  From is oversigned by default in the Fedora package
+##  because it is often the identity key used by reputation systems and thus
+##  somewhat security sensitive.
+OversignHeaders	From
+
+##  Instructs the DKIM library to maintain its own local cache of keys and
+##  policies retrieved from DNS, rather than relying on the nameserver for
+##  caching service. Useful if the nameserver being used by the filter is
+##  not local.
+# QueryCache	yes

SOURCES/opendkim.sysconfig

@@ -0,0 +1,8 @@
+# Set the necessary startup options
+OPTIONS="-x /etc/opendkim.conf"
+
+# Set the default DKIM selector
+DKIM_SELECTOR=default
+
+# Set the default DKIM key location
+DKIM_KEYDIR=/etc/opendkim/keys

SPECS/opendkim.spec

@@ -0,0 +1,221 @@
+%global upname OpenDKIM
+%global bigname OPENDKIM
+%global full_version 2.11.0-Beta2
+
+Summary: A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
+Name: opendkim
+Version: 2.11.0
+Release: 0.31%{?dist}
+License: BSD and Sendmail
+URL: http://%{name}.org/
+Source0: https://github.com/trusteddomainproject/OpenDKIM/archive/%{full_version}.tar.gz
+Source1: opendkim.conf
+Source2: opendkim.sysconfig
+Source3: SigningTable
+Source4: KeyTable
+Source5: TrustedHosts
+Source6: README.fedora
+# https://github.com/trusteddomainproject/OpenDKIM/pull/70
+Patch0: 0001-support-for-lua-5.3.patch
+# https://github.com/trusteddomainproject/OpenDKIM/pull/136
+Patch1: opendkim-2.11.0-comment-separator.patch
+# systemd service type=simple
+Patch2: opendkim-systemd-service-simple.patch
+# Required for all versions
+Requires: lib%{name}%{?_isa} = %{version}-%{release}
+BuildRequires: make
+BuildRequires: openssl-devel
+BuildRequires: libtool
+BuildRequires: pkgconfig
+BuildRequires: libbsd
+BuildRequires: libbsd-devel
+BuildRequires: tre-devel
+#BuildRequires: opendbx-devel
+BuildRequires: lua-devel
+Requires(pre): shadow-utils
+%{?systemd_requires}
+BuildRequires: systemd
+BuildRequires: libdb-devel
+#BuildRequires: libmemcached-devel
+BuildRequires: sendmail-devel
+BuildRequires: openldap-devel
+
+
+%description
+%{upname} allows signing and/or verification of email through an open source
+library that implements the DKIM service, plus a milter-based filter
+application that can plug in to any milter-aware MTA, including sendmail,
+Postfix, or any other MTA that supports the milter protocol.
+
+
+%package -n %{name}-tools
+Summary: An open source DKIM library
+%description -n %{name}-tools
+This package contains the tools necessary to create artifacts needed
+by opendkim.
+
+
+%package -n lib%{name}
+Summary: An open source DKIM library
+Obsoletes: %{name}-sysvinit < 2.10.1-5
+%description -n lib%{name}
+This package contains the library files required for running services built
+using libopendkim.
+
+
+%package -n lib%{name}-devel
+Summary: Development files for lib%{name}
+Requires: lib%{name}%{?_isa} = %{version}-%{release}
+%description -n lib%{name}-devel
+This package contains the static libraries, headers, and other support files
+required for developing applications against libopendkim.
+
+
+%prep
+%autosetup -p1 -n %{upname}-%{full_version}
+
+
+%build
+autoreconf -iv
+# Always use system libtool instead of pacakge-provided one to
+# properly handle 32 versus 64 bit detection and settings
+%define LIBTOOL LIBTOOL=`which libtool`
+%configure \
+  --without-odbx \
+  --with-db \
+  --without-libmemcached \
+  --with-openldap \
+  --enable-query_cache \
+  --with-lua \
+  --enable-stats \
+  --enable-rbl \
+  --enable-rate_limit \
+  --enable-diffheaders \
+  --enable-identity_header \
+  --with-milter %{_includedir}/libmilter/
+# Remove rpath
+sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
+sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
+
+
+%install
+make DESTDIR=%{buildroot} install %{?_smp_mflags}
+install -d %{buildroot}%{_sysconfdir}
+install -d %{buildroot}%{_sysconfdir}/sysconfig
+install -m 0755 contrib/init/redhat/%{name}-default-keygen %{buildroot}%{_sbindir}/%{name}-default-keygen
+install -d -m 0755 %{buildroot}%{_unitdir}
+# fix service file for rundir
+sed -i -e "s:PIDFile=/var/run/opendkim/opendkim.pid:PIDFile=%{_rundir}/opendkim/opendkim.pid:" contrib/systemd/%{name}.service
+install -m 0644 contrib/systemd/%{name}.service %{buildroot}%{_unitdir}/%{name}.service
+install -m 0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/%{name}.conf
+install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/sysconfig/%{name}
+mkdir -p %{buildroot}%{_sysconfdir}/%{name}
+install -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/%{name}/SigningTable
+install -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/%{name}/KeyTable
+install -m 0644 %{SOURCE5} %{buildroot}%{_sysconfdir}/%{name}/TrustedHosts
+cp %{SOURCE6} ./README.fedora
+install -p -d %{buildroot}/usr/lib/tmpfiles.d
+cat > %{buildroot}/usr/lib/tmpfiles.d/%{name}.conf <<'EOF'
+D %{_rundir}/%{name} 0750 %{name} %{name} -
+EOF
+rm -r %{buildroot}%{_prefix}/share/doc/%{name}
+rm %{buildroot}%{_libdir}/*.a
+rm %{buildroot}%{_libdir}/*.la
+mkdir -p %{buildroot}%{_localstatedir}/spool/%{name}
+mkdir -p %{buildroot}%{_rundir}/%{name}
+mkdir -p %{buildroot}%{_sysconfdir}/%{name}
+mkdir %{buildroot}%{_sysconfdir}/%{name}/keys
+install -m 0755 stats/%{name}-reportstats %{buildroot}%{_prefix}/sbin/%{name}-reportstats
+sed -i 's|^%{bigname}STATSDIR="/var/db/%{name}"|%{bigname}STATSDIR="%{_localstatedir}/spool/%{name}"|g' %{buildroot}%{_prefix}/sbin/%{name}-reportstats
+sed -i 's|^%{bigname}DATOWNER="mailnull:mailnull"|%{bigname}DATOWNER="%{name}:%{name}"|g' %{buildroot}%{_prefix}/sbin/%{name}-reportstats
+chmod 0644 contrib/convert/convert_keylist.sh
+
+
+%pre
+getent group %{name} >/dev/null || groupadd -r %{name}
+getent passwd %{name} >/dev/null || \
+	useradd -r -g %{name} -G mail -d %{_rundir}/%{name} -s /sbin/nologin \
+	-c "%{upname} Milter" %{name}
+exit 0
+%post
+%systemd_post %{name}.service
+%preun
+%systemd_preun %{name}.service
+%postun
+%systemd_postun_with_restart %{name}.service
+# For the switchover from initscript to service file
+%triggerun -- %{name} < 2.8.0-1
+%systemd_post %{name}.service
+/sbin/chkconfig --del %{name} >/dev/null 2>&1 || :
+%systemd_postun_with_restart %{name}.service
+
+
+%post -n libopendkim -p /sbin/ldconfig
+%postun -n libopendkim -p /sbin/ldconfig
+
+
+%files
+%license LICENSE LICENSE.Sendmail
+%doc FEATURES KNOWNBUGS RELEASE_NOTES RELEASE_NOTES.Sendmail
+%doc contrib/convert/convert_keylist.sh %{name}/*.sample
+%doc %{name}/%{name}.conf.simple-verify %{name}/%{name}.conf.simple
+%doc %{name}/README contrib/lua/*.lua
+%doc README.fedora
+%config(noreplace) %{_sysconfdir}/%{name}.conf
+%config(noreplace) /usr/lib/tmpfiles.d/%{name}.conf
+%config(noreplace) %attr(0640,%{name},%{name}) %{_sysconfdir}/%{name}/SigningTable
+%config(noreplace) %attr(0640,%{name},%{name}) %{_sysconfdir}/%{name}/KeyTable
+%config(noreplace) %attr(0640,%{name},%{name}) %{_sysconfdir}/%{name}/TrustedHosts
+%config(noreplace) %{_sysconfdir}/sysconfig/%{name}
+%{_bindir}/miltertest
+%{_sbindir}/opendkim
+%{_sbindir}/opendkim-reportstats
+%{_mandir}/man3/*
+%{_mandir}/man5/*
+%{_mandir}/man8/miltertest.8.gz
+%{_mandir}/man8/opendkim.8.gz
+%dir %attr(-,%{name},%{name}) %{_localstatedir}/spool/%{name}
+%dir %attr(0750,%{name},%{name}) %{_rundir}/%{name}
+%dir %attr(-,root,%{name}) %{_sysconfdir}/%{name}
+%dir %attr(0750,root,%{name}) %{_sysconfdir}/%{name}/keys
+%attr(0755,root,root) %{_sbindir}/%{name}-default-keygen
+%attr(0644,root,root) %{_unitdir}/%{name}.service
+
+
+%files -n libopendkim
+%license LICENSE LICENSE.Sendmail
+%doc README
+%{_libdir}/lib%{name}.so.*
+%{_libdir}/librbl.so.*
+
+
+%files -n opendkim-tools
+%license LICENSE LICENSE.Sendmail
+%{_mandir}/man8/opendkim-genkey.8.gz
+%{_mandir}/man8/opendkim-genzone.8.gz
+%{_mandir}/man8/opendkim-testkey.8.gz
+%{_mandir}/man8/opendkim-testmsg.8.gz
+%{_mandir}/man8/opendkim-expire.8.gz
+%{_mandir}/man8/opendkim-gengraphs.8.gz
+%{_mandir}/man8/opendkim-genstats.8.gz
+%{_mandir}/man8/opendkim-stats.8.gz
+%{_sbindir}/opendkim-genkey
+%{_sbindir}/opendkim-genzone
+%{_sbindir}/opendkim-testkey
+%{_sbindir}/opendkim-testmsg
+%{_sbindir}/opendkim-expire
+%{_sbindir}/opendkim-gengraphs
+%{_sbindir}/opendkim-genstats
+%{_sbindir}/opendkim-stats
+
+
+%files -n libopendkim-devel
+%license LICENSE LICENSE.Sendmail
+%doc lib%{name}/docs/*.html
+%{_includedir}/%{name}
+%{_includedir}/rbl/rbl.h
+%{_libdir}/*.so
+%{_libdir}/pkgconfig/*.pc
+
+
+%changelog