Deleted reference to obsolete syslog target in unit file

install via pip

CHANGES

@@ -1,3 +1,23 @@
+1.0.0 2018-05-11
+ - Minor documentation updates
+ - Deleted reference to obsolete syslog target in unit file
+
+0.9.7 2018-03-19
+ - Made sysv init executable
+ - Add missing documentation key to system/dkimpy-milter.service
+ - Put version directly in setup.py and do not import dkimpy_milter to ease
+   install via pip
+ - Minor sysv init improvments
+
+0.9.6 2018-03-13
+ - Fixed typo in package installation section of README
+ - Added more to README about first run with systemd
+ - Fixed typo in path for fallback location of the config file if one is not
+   provided
+ - Added protection for malformed From addresses.  If the From does not at
+   least have an '@' in the address, then the signing domain is not extracted
+   and the message will not be signed
+
 0.9.5.1 2018-03-10
  - Add conf file location to systemd unit file
  - Fix setup.py install locations so they are installed correctly

README

@@ -1,6 +1,5 @@
-This is a DKIM signing and verification milter.  In theory it works with both
-Postfix and Sendmail, but the author has zero experience with Sendmail, so
-reports of success/failure with Sendmail and patches are welcom.
+This is a DKIM signing and verification milter.  In theory it has been tested
+with both Postfix and Sendmail.
 
 The configuration file is designed to be compatible with OpenDKIM, but only
 a subset of OpenDKIM options are supported.  If an unsupported option is
@@ -16,8 +15,8 @@ python setup.py install --single-version-externally-managed --record=/dev/null
 For users of Debian Stable (Debian 9, Codename Squueze), all dependencies are
 available in either the main or backports repositories:
 
-[sudo] apt install python-milter python-nacl pthon-ipaddress python-dnspython
-[sudo] apt install -t squeeze-backports python-authres python-dkim
+[sudo] apt install python-milter python-nacl python-ipaddress python-dnspython
+[sudo] apt install -t stretch-backports python-authres python-dkim
 
 The preferred method of installation is from PyPi using pip (if distribution
 packages are not available):
@@ -25,7 +24,10 @@ packages are not available):
 [sudo] pip install dkimpy_milter
 
 Using pip will cause required packages to be installed via easy_install if they
-have not been previously installed.
+have not been previously installed.  Because pymilter and PyNaCl are compiled
+Python extensions, the system will need appropriate development packages and
+an C compiler.  Alternately, install these dependencies from dsitribution/OS
+packages and then pip install dkimpy_milter.
 
 The milter will work with either pydns (DNS) or dnspython (dns), preferring
 dnspython is both are available.  The dkimpy DKIM module also works with
@@ -48,6 +50,14 @@ As an example, using the default dkimpy-user on Debian, the command would be:
 Since /var/run or /run is sometimes on a tempfs, if the PID file directory is
 missing, the milter will create it on startup.
 
+To start dkimpy-milter with systemd for the first time, you will need to take
+the following steps:
+
+[sudo] systemctl daemon-reload
+[sudo] systemctl enable dkimpy-milter
+[sudo] systemctl start dkimpy-milter
+[sudo] systemctl status dkimpy-milter (to verify it started correctly)
+
 As with all milters, dkimpy-milter needs to be integrated with your MTA of
 choice (Sendmail or Postfix).
 
@@ -118,10 +128,13 @@ MacroListVerify		daemon_name|VERIFYING
 
 
 The python DKIM library, dkimpy, requires the entire message being signed or
-verified to be in memory, so dkimpy-milter does not write messages out to a temp
-file.  This may impact performance on low-memory systems.
+verified to be in memory, so dkimpy-milter does not write messages out to a
+temp file.  This may impact performance on low-memory systems.
 
-This is an beta grade release to support interoperability testing with Ed25519
-signatures sufficient functionality for basic use.  The documented
-functionality has been implemented and at least partially tested.  It is free
-of known major defects, but is not fully tested in a variety of environments.
+This is an initial production release to support interoperability testing with
+Ed25519 signatures sufficient functionality for basic use.  The documented
+functionality has been implemented and at generally partially tested.  It is
+free of known defects, but is not fully tested in a variety of environments.
+
+DKIM Ed25519 signatures are still in development, but the specification is
+technically stable.  Version 1.0.0 supports draft-ietf-dcrup-dkim-crypto-09.

TODO

@@ -53,6 +53,7 @@ ClockDrift (requires dkimpy change)
 DNSTimeout (requires dkmpy change)
 MilterDebug
 MinimumKeyBits
+OversignHeaders (may require dkimpy changes)
 PeerList
 SignatureAlgorithm
 
@@ -83,7 +84,6 @@ On-InternalError
 On-KeyNotFound
 On-NoSignature
 On-SignatureError
-OversignHeaders
 RemoveARAll
 RemoveARFrom
 RemoveOldSignatures 

dkimpy_milter/__init__.py

@@ -39,7 +39,7 @@ from dkimpy_milter.util import read_keyfile
 from dkimpy_milter.util import own_socketfile
 from dkimpy_milter.util import fold
 
-__version__ = "0.9.5.1"
+__version__ = "1.0.0"
 FWS = re.compile(r'\r?\n[ \t]+')
 
 
@@ -130,7 +130,10 @@ class dkimMilter(Milter.Base):
             self.has_dkim += 1
         if lname == 'from':
             fname, self.author = parseaddr(val)
-            self.fdomain = self.author.split('@')[1]
+            try:
+                self.fdomain = self.author.split('@')[1]
+            except IndexError as er:
+                self.fdomain = ''  # self.author was not a proper email address
             if (milterconfig.get('Syslog') and
                     milterconfig.get('debugLevel') >= 1):
                 syslog.syslog("{0}: {1}".format(name, val))
@@ -324,7 +327,7 @@ def main():
     global privateEd25519
     privateRSA = False
     privateEd25519 = False
-    configFile = '/usr/loca/etc/dkimpy-milter.conf'
+    configFile = '/usr/local/etc/dkimpy-milter.conf'
     if len(sys.argv) > 1:
         if sys.argv[1] in ('-?', '--help', '-h'):
             print('usage: dkimpy-milter [<configfilename>]')

setup.py

@@ -18,7 +18,6 @@
 
 from setuptools import setup
 import os
-import dkimpy_milter
 
 description = "Domain Keys Identified Mail (DKIM) signing/verifying milter for Postfix/Sendmail."
 
@@ -31,14 +30,14 @@ except ImportError:  # If PyDNS is not installed, prefer dnspython
 
 setup(
     name='dkimpy-milter',
-    version=dkimpy_milter.__version__,
+    version='1.0.0',
     author='Scott Kitterman',
     author_email='scott@kitterman.com',
     url='https://launchpad.net/dkimpy-milter',
     description=description,
     download_url = "https://pypi.python.org/pypi/dkimpy-milter",
     classifiers= [
-        'Development Status :: 4 - Beta',
+        'Development Status :: 5 - Production/Stable',
         'Environment :: No Input/Output (Daemon)',
         'Intended Audience :: System Administrators',
         'License :: OSI Approved :: GNU General Public License (GPL)',

system/dkimpy-milter

@@ -13,8 +13,6 @@
 # Provides:          dkim-milter dkim-milter-python dkimpy-milter
 # Required-Start:    $remote_fs $syslog $network $time
 # Required-Stop:     $remote_fs $syslog $network
-# Should-Start:
-# Should-Stop:
 # Default-Start:     2 3 4 5
 # Default-Stop:      0 1 6
 # Short-Description: dkimpy-milter
@@ -31,7 +29,7 @@ NAME=dkimpy-milter
 DESC="Python DKIM Milter"
 USER=dkimpy-milter
 GROUP=dkimpy-milter
-SOCKET=$RUNDIR/dkimpy-milter.pid
+SOCKET=$RUNDIR/dkimpy-milter.sock
 
 test -x $DAEMON || exit 0
 
@@ -70,8 +68,8 @@ case "$1" in
 		fi
 	fi
 
-	start-stop-daemon --start --chuid $USER --background --quiet --pidfile \
-		$RUNDIR/$NAME.pid --exec $DAEMON $sysconfdir/$NAME.conf
+        start-stop-daemon --start --quiet --pidfile $RUNDIR/$NAME.pid --startas \
+                $DAEMON $sysconfdir/$NAME.conf --name $NAME --test > /dev/null \
 	echo "$NAME."
 	;;
   stop)

system/dkimpy-milter.service

@@ -1,6 +1,7 @@
 [Unit]
 Description=DKIMpy Milter
-After=syslog.target network.target
+Documentation=man:dkimpy-milter(8) man:dkimpy-milter.conf(5) 
+After=network.target
 
 [Service]
 Type=simple