diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2018-12-05 15:47:34 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2018-12-05 16:24:12 +0100 |
| commit | 9722d50b9b6c5ccd81892a00bdd3023399b004fb (patch) | |
| tree | 10ff7840e4c924d51217a122ac5f4a7bcb56a476 /group_vars | |
| parent | c21b92d9b79a80a27607618666b56fbc5cd26ac8 (diff) | |
DKIM: also include the "d=" tag in key filenames, not only the "s=" tag.
While the combination of "s=" tag (selector) & "d=" tag signing domain
maps to a unique key, the selector alone doesn't necessarily.
Diffstat (limited to 'group_vars')
| -rw-r--r-- | group_vars/all.yml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/group_vars/all.yml b/group_vars/all.yml index f222b56..4fcfc39 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -36,25 +36,25 @@ postfix_instance: , port: 2526 } MX: { name: mx, group: mta } out: { name: out, group: mta , addr: "{{ (groups.all | length > 1) | ternary( ipsec[ hostvars[groups.out[0]].inventory_hostname_short ], '127.0.0.1') }}" , port: 2525 } MSA: { name: msa , addr: "{{ (groups.all | length > 1) | ternary( ipsec[ hostvars[groups.MSA[0]].inventory_hostname_short ], '127.0.0.1') }}" , port: 2587 } lists: { name: lists , addr: "{{ (groups.all | length > 1) | ternary( ipsec[ hostvars[groups.lists[0]].inventory_hostname_short ], '127.0.0.1') }}" , port: 2527 } imapsvr_addr: "{{ postfix_instance.IMAP.addr | ipaddr }}" dkim_keys: giraff: # match key "fripost.org": # domain of the entity signing the message (should be unique accross match keys) d: fripost.org - # selector (should be globally unique and random) + # selector (randomly generated with `xxd -p -l16 </dev/urandom`) s: 8f00fb94ec6c37aacb48bd43e073f9b7 "~": # catch-all, for our virtual domains d: x.fripost.org s: 9df9cdc7e101629b5003b587945afa70 |