#!/bin/bash # # Init file for DKIM sendmail milter. # # chkconfig: - 79 21 # description: dkim-filter is a daemon that hooks into sendmail and \ # sign/verify mail according DKIM standard # # processname: dkim-filter # config: /etc/sysconfig/dkim-milter # pidfile: /var/run/dkim-milter.pid source /etc/rc.d/init.d/functions source /etc/sysconfig/network # Check that networking is up. [ ${NETWORKING} = "no" ] && exit 0 [ -x /usr/sbin/dkim-filter ] || exit 1 ### Default variables USER="dkim-milt" PORT="local:/var/run/dkim-milter/dkim.sock" SIGNING_DOMAIN="example.com" SELECTOR_NAME="default" KEYFILE="/etc/mail/dkim/dkim_${SELECTOR_NAME}.pem" SIGNER=yes VERIFIER=yes CANON=simple SIGALG=rsa-sha1 REJECTION="bad=r,dns=t,int=t,no=a,miss=r" EXTRA_ARGS="-h -l -D" MILTER_GROUP="mail" SYSCONFIG="/etc/sysconfig/dkim-milter" ### Read configuration [ -r "$SYSCONFIG" ] && source "$SYSCONFIG" NUM=0 CMD_ARGS=() while [ ! -z $(eval "echo \$PORT${NUM}") ]; do LPORT=${PORT} LSIGNING_DOMAIN=${SIGNING_DOMAIN} LSELECTOR_NAME=${SELECTOR_NAME} LKEYFILE=${KEYFILE} LSIGNER=${SIGNER} LVERIFIER=${VERIFIER} LCANON=${CANON} LSIGALG=${SIGALG} LREJECTION=${REJECTION} LEXTRA_ARGS=${EXTRA_ARGS} [ ! -z $(eval "echo \$PORT${NUM}") ] && LPORT=$(eval "echo \$PORT${NUM}") [ ! -z $(eval "echo \$SIGNING_DOMAIN${NUM}") ] && LSIGNING_DOMAIN=$(eval "echo \$SIGNING_DOMAIN${NUM}") [ ! -z $(eval "echo \$SELECTOR_NAME${NUM}") ] && LSELECTOR_NAME=$(eval "echo \$SELECTOR_NAME${NUM}") [ ! -z $(eval "echo \$KEYFILE${NUM}") ] && LKEYFILE=$(eval "echo \$KEYFILE${NUM}") [ ! -z $(eval "echo \$SIGNER${NUM}") ] && LSIGNER=$(eval "echo \$SIGNER${NUM}") [ ! -z $(eval "echo \$VERIFIER${NUM}") ] && LVERIFIER=$(eval "echo \$VERIFIER${NUM}") [ ! -z $(eval "echo \$CANON${NUM}") ] && LCANON=$(eval "echo \$CANON${NUM}") [ ! -z $(eval "echo \$SIGALG${NUM}") ] && LSIGALG=$(eval "echo \$SIGALG${NUM}") [ ! -z $(eval "echo \$REJECTION${NUM}") ] && LREJECTION=$(eval "echo \$REJECTION${NUM}") [ ! -z $(eval "echo \$EXTRA_ARGS${NUM}") ] && LEXTRA_ARGS=$(eval "echo \$EXTRA_ARGS${NUM}") LMODES= if [ x${LSIGNER:0:1} == "xy" -o x${LSIGNER:0:1} == "xY" ]; then LMODES=${LMODES}s fi if [ x${LVERIFIER:0:1} == "xy" -o x${LVERIFIER:0:1} == "xY" ]; then LMODES=${LMODES}v fi [ ! -z "$LMODES" ] && LMODES="-b $LMODES" CMD_ARGS[${NUM}]="-u $USER -p $LPORT -d $LSIGNING_DOMAIN -k $LKEYFILE -s $LSELECTOR_NAME $LMODES -c $LCANON -S $LSIGALG -C $LREJECTION $LEXTRA_ARGS" NUM=$((${NUM}+1)) done if [ ${#CMD_ARGS[*]} -eq 0 ]; then MODES= if [ x${SIGNER:0:1} == "xy" -o x${SIGNER:0:1} == "xY" ]; then MODES=${MODES}s fi if [ x${VERIFIER:0:1} == "xy" -o x${VERIFIER:0:1} == "xY" ]; then MODES=${MODES}v fi [ ! -z "$MODES" ] && MODES="-b $MODES" CMD_ARGS[0]="-u $USER -p $PORT -d $SIGNING_DOMAIN -k $KEYFILE -s $SELECTOR_NAME $MODES -c $CANON -S $SIGALG -C $REJECTION $EXTRA_ARGS" fi RETVAL=0 prog="dkim-filter" desc="DKIM milter" #pidfile=/var/run/dk-milter.pid start() { for ((i=0; $i<${#CMD_ARGS[*]}; i=$(($i+1)) )); do pidfile=/var/run/${prog}${i}.pid echo -n $"Starting $desc ($prog #$i): " touch $pidfile chown $USER $pidfile daemon /usr/sbin/${prog} ${CMD_ARGS[$i]} -P $pidfile RETVAL=$? if [[ ! -z $(echo $PORT |grep "local") && $RETVAL -eq 0 ]]; then TPORT=$(echo $PORT | sed -e "s/local://") chgrp $MILTER_GROUP $TPORT chmod 770 $TPORT fi echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/${prog}${i} done return $RETVAL } stop() { echo -n $"Shutting down all $desc ($prog): " killproc $prog RETVAL=$? echo if [ $RETVAL -eq 0 ]; then rm -f /var/run/dkim-milter/dkim.sock for ((i=0; $i<${#CMD_ARGS[*]}; i=$(($i+1)) )); do pidfile=/var/run/${prog}${i}.pid echo -n $"Cleanup for $desc ($prog #$i): " rm -f /var/lock/subsys/${prog}${i} echo done fi return $RETVAL } restart() { stop sleep 2 start } case "$1" in start) start ;; stop) stop ;; restart|reload) restart ;; condrestart) [ -e /var/lock/subsys/${prog} ] && restart RETVAL=$? ;; status) status $prog RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|restart|condrestart|status}" RETVAL=1 esac exit $RETVAL