path: root/opendkim-2.4.2-installreadme.patch

--- opendkim-2.4.2/INSTALL	2011-07-12 22:53:43.000000000 -0700
+++ opendkim-2.4.2-patches/INSTALL	2011-08-22 21:15:28.535480182 -0700
@@ -6,11 +6,11 @@
 In order to install the opendkim as a milter to an MTA you will need to
 perform the following steps:
 
-* Compile the opendkim program itself.
+* Install the RPMs for libopendkim and opendkim.
 
-* Configure the opendkim for signing and/or verification.
+* Configure opendkim for signing and/or verification.
 
-* Install the opendkim and configure your MTA to use it.
+* Configure your MTA to use opendkim.
 
 Note that there is a difference between "OpenDKIM" and "opendkim".
 "OpenDKIM" is a package containing a library, a filter and some tools to
@@ -23,167 +23,100 @@
 
 The opendkim filter program incorporates the libopendkim library and works
 with recent versions of sendmail and Postfix or any other MTA that supports
-"milter".  For more information about milter, see <http://www.milter.org>.
+"milter".  For more information about milter, see <http://www.milter.org/>.
 
 Sendmail is available at <http://www.sendmail.org> and Postfix is available
-at <http://www.postfix.org>.
+at <http://www.postfix.org/>.
 
 
-OPTIONAL PACKAGES
-=================
+REQUIREMENTS
+============
 
-OpenDKIM supports a few optional packages that can be included in the build
-to provide additional services.  A few of these become mandatory when
-enabling certain features below.  Specifying only the "--with-xxx" parameter
-to the "configure" command (described below) enables the package and makes a
-guess at where it might be installed on your system.  If the configure script
-doesn't find it, you will need to specify the location with
-"--with-xxx=location".
+The opendkim filter requires either sendmail v8.13.0 or Postfix v2.3 or later
+for required milter protocol enhancements. For more information on milters:
 
---with-db	BerkeleyDB include file and library.  If enabled without
-		a specific path, the /usr/local/BerkeleyDB, /usr/local and
-		/usr directories will be searched for both the required
-		includes and the required libraries.  Required for the
-		following features: query_cache, stats
+Postfix users, see: http://www.postfix.org/MILTER_README.html
 
---with-db-incdir
---with-db-libdir
---with-db-lib
-		These provide a finer control over the location of BerkeleyDB
-		include, library path and libary name where the default 
-		locations of --with-db are not enough.
+Sendmail users, see: http://www.sendmail.com/sm/partners/milter_partners/
 
---with-domainkeys
-		Sendmail's "libdk" include file and library for verifying
-		messages signed with the older DomainKeys specification.
 
---with-libgcrypt
-		Location of GNU's libgcrypt includes and library.
-		If not specified, "--with-openssl" is assumed.
+CONFIGURING OPENDKIM
+====================
 
---with-lua	Lua interpreter library.  Enables fine-grained policy control
-		via Lua script hooks, and also enables building of the
-		"miltertest" test tool.
+For a step-by-step How-To on installing and configuring OpenDKIM with Postfix
+or Sendmail on RedHat systems, see:
 
---with-milter	Sendmail's "milter" include file and library.  Required
-		unless compilation fo the filter is disabled (see below).
-		Enabled by default.
+http://packages.stevejenkins.com/opendkim/
 
---with-odbx	Location of the OpenDBX installation on your system.
-		Optional; enables use of a number of SQL and ODBC databases
-		for configuration information.  Version 1.3.7 or later is
-		required.
+For general installation and configuration instructions for all supported
+operating systems, refer to the official documentation at:
 
---with-openldap	Location of the OpenLDAP installation on your system.
+http://opendkim.org/docs.html
 
---with-openssl	Location of the OpenSSL installation on your system.
-		Either this or libgcrypt required, and this one is assumed
-		if libgcrypt is not enabled.  If no specific location is
-		provided, several common install locations will be searched for
-		the required includes and libraries.
+After installing opendkim, you must do the following:
 
---with-sasl	Location of the Cyrus SASL include file definitions. This is
-		used for authenticating against LDAP servers.
+* Configure your MTA (Postfix, Sendmail, etc.) to use OpenDKIM.
 
---with-tre	Location of the TRE installation on your system.  This
-		is required if you are using the "diffheaders" feature.
-		If no specific location is provided, the /usr/local and
-		/usr directories will be searched for the required includes
-		and libraries.
+Postfix users will need to add/edit the smtpd_milters, non_smtpd_milters, and
+milter_default_action parameters in their main.cf file. Generally, adding the
+following lines to main.cf will be enough to get opendkim working with Postfix:
 
---with-unbound	Location of the Unbound DNSSEC capable asynchronous resolver 
-		library and include file.
-                
+smtpd_milters		= inet:127.0.0.1:8891
+non_smtpd_milters	= inet:127.0.0.1:8891
+milter_default_action	= accept
 
+If you are using a version of Postfix prior to 2.6, you may also need to set
+the milter_protocol parameter in main.cf to "2" with:
 
-FEATURES
-========
+milter_protocol		= 2
 
-There are several compile-time features you may select.  Some of these
-are present but unsupported while others are fully-supported.  Read the
-FEATURES file for a description of the unsupported features.
+Sendmail users will need to add the following line to the .mc configuration
+file that was used to build your current sendmail.cf file:
 
-The supported features are as follows.  The can be turned on at compile
-time by adding "--enable-xxx" to the "configure" command line (described
-below), where "xxx" is the name of the feature.
+INPUT_MAIL_FILTER(`opendkim', `S=inet:8891@localhost')
 
-arlib		Use the provided asynchronous resolver library.
+Then you will need to build and install a new sendmail.cf from the .mc file.
+Remember to make backups of your sendmail.cf and .mc files before attempting
+any changes.
 
-debug		Produce debug-enabled libraries and executables.
+* Configure opendkim for signing and/or verification.
 
-filter		Compile the opendkim filter.  Requires libmilter (see
-		"--with-milter" above).  This is on by default; if you
-		don't want the filter, specify "--disable-filter".
+By default, opendkim is configured for DKIM signature verification of incoming
+mail only. Before you can sign outgoing mail with a DKIM signature, you must:
 
-maxverify	Allow limitation of the number of signatures verified per
-		message.
+- generate a set of private and public keys
+- configure opendkim for signing
+- publish your public key via DNS
 
-oversign	Enable optional header field over-signing.
+A default set of keys based on your system's fully qualified domain name
+(FQDN) and using the selector "default" will be generated in
+/etc/opendkim/keys the first time you run:
 
-popauth		Enable POP-before-SMTP support.
+service opendkim start
 
-query_cache	Cache DNS replies in a local database.  Requires the
-		BerkeleyDB database.  (See "--with-db" above.)
+You can also generate your own keys using the opendkim-genkey command.
 
-stats		Produce a filter and tools used for statistics collection,
-		analysis and submission.
+After generating your keys, you must edit opendkim.conf and verify that your
+domain name is correct, change the Mode to "s" for signing or "sv" for signing
+and verifying, and configure the KeyFile and Selector parameters. Additional
+options are available for signing for multiple users and/or multiple domains.
+For more information, consult the online documentation or do:
 
-xtags		Support for signature extension tags.
+man opendkim.conf
 
+You must also publish your public key(s) via DNS before remote mail servers
+can verify your outdoing DKIM signature. Consult your DNS provider's
+documentation on how to do this.
 
-COMPILING
+MORE INFO
 =========
 
-The opendkim filter requires either sendmail v8.13.0 or Postfix v2.3 or later
-for required milter protocol enhancements.
-
-To build this package you must first have installed or at least have available
-the OpenSSL package and libmilter.  The former is available from
-<http://www.openssl.org> or in package form from your vendor.  At a minimum
-version 0.9.8 is required to meet DKIM requirements.  The application library
-libmilter is part of the sendmail Open Source distribution and can be built
-and installed from there (ftp://ftp.sendmail.org).
-
-As Postfix currently does not provide milter library, you need to have
-sendmail sources or development package installed.  See
-http://www.postfix.org/MILTER_README.html
-
-You can view the configuration options with the following command:
-
-	./configure --help
-
-The commands shown below assume a UNIX system with standard build tools
-installed.
-
-Steps to compiling the library and the milter:
+For a step-by-step How-To on installing and configuring OpenDKIM with Postfix
+or Sendmail on RedHat systems, see:
 
-(1) Download the source from OpenDKIM (http://www.opendkim.org).
-
-(2) Unpack the tarball:
-	tar -xzvf opendkim-<version>.tar.gz
-
-    Note: Use <version> as the version number that you downloaded.
-
-(3) Change directories to the release directory (opendkim-<version>) that
-    was created in step 2.
-	cd opendkim-<version>
-
-(4) Run the "configure" script to configure the package for your operating
-    system.
-	./configure
-
-(5) Compile the package.
-	make
-
-(6) Install the output of the build.  You probably need to become the
-    superuser to run this step.
-	make install
-
-
-CONFIGURING OPENDKIM
-====================
+http://packages.stevejenkins.com/opendkim/
 
-The README document (in the opendkim directory) covers the installation and
-configuration of opendkim.
+For more information about the OpenDKIM Project, including official
+documentation and support, visit:
 
-$Id: INSTALL,v 1.22 2010/09/13 01:39:48 cm-msk Exp $
+http://opendkim.org/