From 7d4f4bf9ec46a2fd75ee1894164abce0ca2ab5d0 Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO <ynerant@crans.org>
Date: Wed, 14 Apr 2021 19:14:25 +0200
Subject: [PATCH] [opendkim] Add localhost in trusted hosts

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
---
 group_vars/opendkim.yml                             | 9 ++++++---
 roles/postfix-mailman3/templates/postfix/main.cf.j2 | 2 ++
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/group_vars/opendkim.yml b/group_vars/opendkim.yml
index d69a6b5d..2659b3c8 100644
--- a/group_vars/opendkim.yml
+++ b/group_vars/opendkim.yml
@@ -7,15 +7,18 @@ glob_opendkim:
     - "*@crans.fr"
     - "*@crans.eu"
   trust:
+    - "localhost"
+    - "127.0.0.1"
+    - "::1"
     - "185.230.79.0/26"
     - "172.16.3.0/24"
     - "172.16.10.0/24"
     - "2a0c:700:0:2::/64"
     - "2a0c:700:0:3::/64"
     - "2a0c:700:0:10::/64"
-    - "*@crans.org"
-    - "*@crans.fr"
-    - "*@crans.eu"
+    - "*.crans.org"
+    - "*.crans.fr"
+    - "*.crans.eu"
   txt_record: |
     mail._domainkey IN TXT "v=DKIM1; k=rsa; p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtwkNVd9Mmz8S4WcfuPk0X2drG39gS8+uxAv8igRILgzWeN8j2hjeZesl8pm/1UTVU87bYcdfUgXiGfQy9nR5p/Vmt2kS7sXk9nsJ/VYENgb3IJQ6paWupSTFMyeKycJ4ZHCEZB/bVvifoG6vLKqW5jpsfCiOcfdcgXATn0UPuVx9t93yRrhoEMntMv9TSodjqd3FKCtJUoh5cNQHo0T6dWKtxoIgNi/mvZ92D/IACwu/XOU+Rq9fnoEI8GukBQUR5AkP0B/JrvwWXWX/3EjY8X37ljEX0XUdq/ShzTl5iK+CM83stgkFUQh/rpww5mnxYEW3X4uirJ7VJHmY4KPoIU+2DPjLQj9Hz63CMWY3Ks2pXWzxD3V+GI1aJTMFOv2LeHnI3ScqFaKj9FR4ZKMb0OW2BEFBIY3J3aeo/paRwdbVCMM7twDtZY9uInR/NhVa1v9hlOxwp4/2pGSKQYoN2CkAZ1Alzwf8M3EONLKeiC43JLYwKH1uBB1oikSVhMnLjG0219XvfG/tphyoOqJR/bCc2rdv5pLwKUl4wVuygfpvOw12bcvnTfYuk/BXzVHg9t4H8k/DJR6GAoeNAapXIS8AfAScF8QdKfplhKLJyQGJ6lQ75YD9IwRAN0oV+8NTjl46lI/C+b7mpfXCew+p6YPwfNvV2shiR0Ez8ZGUQIcCAwEAAQ==" ; ----- DKIM key mail for crans.org
   private_key: "{{ vault.opendkim_private_key }}"
diff --git a/roles/postfix-mailman3/templates/postfix/main.cf.j2 b/roles/postfix-mailman3/templates/postfix/main.cf.j2
index 5e1e6b36..5c8cb165 100644
--- a/roles/postfix-mailman3/templates/postfix/main.cf.j2
+++ b/roles/postfix-mailman3/templates/postfix/main.cf.j2
@@ -23,6 +23,8 @@ smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
 
 # OpenDKIM
+milter_protocol = 2
+milter_default_action = accept
 smtpd_milters = inet:localhost:12301
 non_smtpd_milters = inet:localhost:12301