I used these two resources Cuberwerk SPF & DKIM and Kofler OpenDKIM to work through the particulars of the config and setup the DNS records. OpenDKIM Binaries are pulled from unmanaged repos. I have found it best to enable the repo, install the build, and disable the repo to ensure UCS updates aren’t tainted at the next update. Arguably, there isn’t a real need to create variables as these are established settings and could be hardcoded. I wanted to work through the variable setup for my own edification. Here are the templated milter configs:
/etc/univention/registry.info/variables/gracetx-postfix-milter.cfg
[mail/postfix/milter_default_action]
Description[de]=
Description[en]=This parameter determines how Postfix filter handles inbound SMTP connection errors. Reject will tell bad servers to 'go pound sand' and drop the connection.
Type=str
Categories=service-mail
[mail/postfix/milter_protocol]
Description[de]=
Description[en]=Default protocol is '6' for all Postfix versions greater than 2.6.
Type=str
Categories=service-mail
[mail/postfix/smtpd_milters]
Description[de]=
Description[en]=What port are we listening on to handle filtering. Default to inet:localhost:12345
Type=str
Categories=service-mail
[mail/postfix/non_smtpd_milters]
Description[de]=
Description[en]=For non-SMTP services like sendmail. Default to inet:localhost:12345
Type=str
Categories=service-mail
/etc/univention/templates/info/gracetx-postfix-milter.info
Type: subfile
Multifile: etc/postfix/main.cf
Subfile: etc/postfix/main.cf.d/15_gracetxmilter
Variables: mail/postfix/milter_default_action
Variables: mail/postfix/milter_protocol
Variables: mail/postfix/smtpd_milters
Variables: mail/postfix/non_smtpd_mitlers
/etc/univention/templates/files/etc/postfix/main.cf.d/15_gracetxmilter
@!@
print '\n# DKIM Milter settings'
print 'milter_default_action = %s' % (configRegistry.get('mail/postfix/milter_default_action', 'tempfail'),)
print 'milter_protocol = %s' % (configRegistry.get('mail/postfix/milter_protocol', '6'),)
print 'smtpd_milters = %s' % (configRegistry.get('mail/postfix/smtpd_milters', 'inet:localhost:12345'),)
print 'non_smtpd_milters = %s' % (configRegistry.get('mail/postifx/non_smtpd_milters', 'inet:localhost:12345'),)
@!@
Hope that helps.