aboutsummaryrefslogtreecommitdiffstats
path: root/testing/opendmarc/config-defaults.patch
diff options
context:
space:
mode:
Diffstat (limited to 'testing/opendmarc/config-defaults.patch')
-rw-r--r--testing/opendmarc/config-defaults.patch175
1 files changed, 175 insertions, 0 deletions
diff --git a/testing/opendmarc/config-defaults.patch b/testing/opendmarc/config-defaults.patch
new file mode 100644
index 0000000000..65aa823e30
--- /dev/null
+++ b/testing/opendmarc/config-defaults.patch
@@ -0,0 +1,175 @@
+Change defaults based on Fedora and openSUSE packages.
+
+Also remove options for supervisor and options that need root privileges
+(we use OpenRC for process supervising and dropping privileges).
+
+--- a/opendmarc/opendmarc.conf.sample
++++ b/opendmarc/opendmarc.conf.sample
+@@ -24,7 +24,7 @@
+ ## provided, the name of the host running the filter (as returned by the
+ ## gethostname(3) function) will be used.
+ #
+-# AuthservID name
++AuthservID HOSTNAME
+
+ ## AuthservIDWithJobID { true | false }
+ ## default "false"
+@@ -35,46 +35,6 @@
+ #
+ # AuthservIDWithJobID false
+
+-## AutoRestart { true | false }
+-## default "false"
+-##
+-## Automatically re-start on failures. Use with caution; if the filter fails
+-## instantly after it starts, this can cause a tight fork(2) loop.
+-#
+-# AutoRestart false
+-
+-## AutoRestartCount n
+-## default 0
+-##
+-## Sets the maximum automatic restart count. After this number of automatic
+-## restarts, the filter will give up and terminate. A value of 0 implies no
+-## limit.
+-#
+-# AutoRestartCount 0
+-
+-## AutoRestartRate n/t[u]
+-## default (no limit)
+-##
+-## Sets the maximum automatic restart rate. If the filter begins restarting
+-## faster than the rate defined here, it will give up and terminate. This
+-## is a string of the form n/t[u] where n is an integer limiting the count
+-## of restarts in the given interval and t[u] defines the time interval
+-## through which the rate is calculated; t is an integer and u defines the
+-## units thus represented ("s" or "S" for seconds, the default; "m" or "M"
+-## for minutes; "h" or "H" for hours; "d" or "D" for days). For example, a
+-## value of "10/1h" limits the restarts to 10 in one hour. There is no
+-## default, meaning restart rate is not limited.
+-#
+-# AutoRestartRate n/t[u]
+-
+-## Background { true | false }
+-## default "true"
+-##
+-## Causes opendmarc to fork and exits immediately, leaving the service
+-## running in the background.
+-#
+-# Background true
+-
+ ## BaseDirectory (string)
+ ## default (none)
+ ##
+@@ -84,18 +44,8 @@
+ ## directory. It's also useful for arranging that any crash dumps will be
+ ## saved to a specific location.
+ #
+-# BaseDirectory /var/run/opendmarc
++BaseDirectory /run/opendmarc
+
+-## ChangeRootDirectory (string)
+-## default (none)
+-##
+-## Requests that the operating system change the effective root directory of
+-## the process to the one specified here prior to beginning execution.
+-## chroot(2) requires superuser access. A warning will be generated if
+-## UserID is not also set.
+-#
+-# ChangeRootDirectory /var/chroot/opendmarc
+-
+ ## CopyFailuresTo (string)
+ ## default (none)
+ ##
+@@ -175,7 +125,7 @@
+ ## rather periodically imported into a relational database from which the
+ ## aggregate reports can be extracted by a tool such as opendmarc-import(8).
+ #
+-# HistoryFile /var/run/opendmarc.dat
++# HistoryFile /var/spool/opendmarc/opendmarc.dat
+
+ ## IgnoreAuthenticatedClients { true | false }
+ ## default "false"
+@@ -193,7 +143,7 @@
+ ## connections are to be ignored by the filter. If not specified, defaults
+ ## to "127.0.0.1" only.
+ #
+-# IgnoreHosts /usr/local/etc/opendmarc/ignore.hosts
++# IgnoreHosts /etc/opendmarc/ignore.hosts
+
+ ## IgnoreMailFrom domain[,...]
+ ## default (none)
+@@ -212,14 +162,6 @@
+ #
+ # MilterDebug 0
+
+-## PidFile path
+-## default (none)
+-##
+-## Specifies the path to a file that should be created at process start
+-## containing the process ID.
+-#
+-# PidFile /var/run/opendmarc.pid
+-
+ ## PublicSuffixList path
+ ## default (none)
+ ##
+@@ -284,7 +226,7 @@
+ ## either in the configuration file or on the command line. If an IP
+ ## address is used, it must be enclosed in square brackets.
+ #
+-# Socket inet:8893@localhost
++Socket inet:8893@localhost
+
+ ## SoftwareHeader { true | false }
+ ## default "false"
+@@ -294,7 +236,7 @@
+ ## delivery. The product's name, version, and the job ID are included in
+ ## the header field's contents.
+ #
+-# SoftwareHeader false
++SoftwareHeader true
+
+ ## SPFIgnoreResults { true | false }
+ ## default "false"
+@@ -303,7 +245,7 @@
+ ## message. This is useful if you want the filter to perfrom SPF checks
+ ## itself, or because you don't trust the arriving header.
+ #
+-# SPFIgnoreResults false
++SPFIgnoreResults true
+
+ ## SPFSelfValidate { true | false }
+ ## default false
+@@ -316,14 +258,14 @@
+ ## is also set, it never looks for SPF results in headers and
+ ## always performs the SPF check itself when this is set.
+ #
+-# SPFSelfValidate false
++SPFSelfValidate true
+
+ ## Syslog { true | false }
+ ## default "false"
+ ##
+ ## Log via calls to syslog(3) any interesting activity.
+ #
+-# Syslog false
++Syslog true
+
+ ## SyslogFacility facility-name
+ ## default "mail"
+@@ -354,13 +296,4 @@
+ ## specific file mode on creation regardless of the process umask. See
+ ## umask(2) for more information.
+ #
+-# UMask 077
+-
+-## UserID user[:group]
+-## default (none)
+-##
+-## Attempts to become the specified userid before starting operations.
+-## The process will be assigned all of the groups and primary group ID of
+-## the named userid unless an alternate group is specified.
+-#
+-# UserID opendmarc
++UMask 007