dharmin/opendkim-docker-image

OpenDKIM milter Docker Image

OpenDKIM Docker image

Docker Hub | GitHub Container Registry | Quay.io

Changelog

Supported tags and respective Dockerfile links

• 2.10.3-r1, 2.10.3, 2.10, 2, latest
• 2.10.3-r1-alpine, 2.10.3-alpine, 2.10-alpine, 2-alpine, alpine

What is OpenDKIM?

OpenDKIM is an open source implementation of the DKIM (Domain Keys Identified Mail) sender authentication system proposed by the E-mail Signing Technology Group (ESTG), now standardized by the IETF (RFC6376). It also includes implementations of the RFC5617, Vouch By Reference (VBR, RFC5518), proposed standard and the experimental Authorized Third Party Signatures protocol (ATPS, RFC6541).

The OpenDKIM Docker image consists of a library that implements the DKIM service and a milter-based filter application that can plug in to any milter-aware MTA to provide that service to sufficiently recent sendmail MTAs and other MTAs that support the milter protocol.

OpenDKIM is a unit of The Trusted Domain Project.

www.opendkim.org

How to use this image

To run OpenDKIM milter application just start the container:

docker run -d -p 8891:8891 instrumentisto/opendkim

Configuration

To configure OpenDKIM you may use one of the following ways (but not both at the same time):

1. Drop-in files.
   Put your configuration files (must end with .conf) into /etc/opendkim/conf.d/ directory. These files will be applied to default OpenDKIM configuration when container starts.

   docker run -d -p 8891:8891 \
              -v /my/custom.conf:/etc/opendkim/conf.d/10-custom.conf:ro \
          instrumentisto/opendkim

   This way is convenient if you need only few changes to default configuration, or you want to keep different parts of configuration in different files.

2. Specify whole configuration.
   Put your configuration file opendkim.conf into /etc/opendkim/ directory, so fully replace the default configuration file provided by image.

   docker run -d -p 8891:8891 \
              -v /my/custom.conf:/etc/opendkim/opendkim.conf:ro \
          instrumentisto/opendkim

   This way is convenient when it's easier to specify the whole configuration at once, rather than reconfigure default options.

Default configuration

By default, the OpenDKIM milter application inside this Docker image is configured to perform only signatures verification.

To see whole default OpenDKIM configuration of this Docker image just run:

docker run --rm instrumentisto/opendkim cat /etc/opendkim/opendkim.conf

Keys generation

This Docker image also contains OpenDKIM tools that may be used for DKIM keys generation. For example:

docker run --rm -v /my/keys:/tmp -w /tmp --entrypoint opendkim-genkey \
       instrumentisto/opendkim \
           --subdomains \
           --domain=example.com \
           --selector=default

Important tips

As far as OpenDKIM writes its logs only to syslog, the syslogd process runs inside container as second side-process and is supervised with s6 supervisor provided by s6-overlay project.

Logs

The syslogd process of this image is configured to write everything to /dev/stdout.

To change this behaviour just mount your own /etc/syslog.conf file with desired log rules.

s6-overlay

This image contains s6-overlay inside. So you may use all the features it provides if you need to.

Image versions

X

Latest tag of X OpenDKIM's major version.

X.Y

Latest tag of X.Y OpenDKIM's minor version.

X.Y.Z

Latest tag of a concrete X.Y.Z version of OpenDKIM.

X.Y.Z-rN

Concrete N image revision tag of a OpenDKIM's concrete X.Y.Z version.

Once build, it's never updated.

alpine

This image is based on the popular Alpine Linux project, available in the alpine official image. Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general.

This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use musl libc instead of glibc and friends, so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See this Hacker News comment thread for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images.

License

OpenDKIM is licensed under BSD license.

As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).

As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.

The sources for producing instrumentisto/opendkim Docker images are licensed under Blue Oak Model License 1.0.0.

Issues

We can't notice comments in the DockerHub (or other container registries) so don't use them for reporting issue or asking question.

If you have any problems with or questions about this image, please contact us through a GitHub issue.