Use authentication_milter instead of opendkim and opendmarc

docker/authentication_milter/authentication_milter.json

@@ -0,0 +1,69 @@
+{
+    "logtoerr"    : "1",
+    "error_log"   : "",
+    "connection"  : "unix:/var/spool/postfix/authentication_milter/authentication_milter.sock",
+    "umask"       : "0007",
+    "runas"       : "mail",
+    "rungroup"    : "mail",
+    "authserv_id" : "__HOSTNAME__",
+
+    "connect_timeout" : 30,
+    "command_timeout" : 30,
+    "content_timeout" : 300,
+    "dns_timeout"     : 10,
+    "dns_retry"       : 2,
+
+    "handlers" : {
+
+        "Sanitize" : {
+            "hosts_to_remove" : [
+                "__HOSTNAME__"
+            ]
+        },
+
+        "SPF" : {
+            "hide_none" : 0
+        },
+
+        "DKIM" : {
+            "hide_none" : 0,
+        },
+
+        "XGoogleDKIM" : {
+            "hide_none" : 1,
+        },
+
+        "ARC" : {
+            "hide_none" : 0,
+        },
+
+        "DMARC" : {
+            "hide_none" : 0,
+            "detect_list_id" : "1"
+        },
+
+        "BIMI" : {},
+
+        "PTR" : {},
+
+        "SenderID" : {
+            "hide_none" : 1
+        },
+
+        "IPRev" : {},
+
+        "Auth" : {},
+
+        "AlignedFrom" : {},
+
+        "LocalIP" : {},
+
+        "TrustedIP" : {
+            "trusted_ip_list" : []
+        },
+
+        "!AddID" : {},
+
+        "ReturnOK" : {}
+    }
+}

docker/authentication_milter/mail-dmarc.ini

@@ -0,0 +1,58 @@
+; This is YOU. DMARC reports include information about the reports. Enter it here.
+[organization]
+domain             = example.com
+org_name           = My Company Limited
+email              = admin@example.com
+extra_contact_info = http://example.com
+
+; aggregate DMARC reports need to be stored somewhere. Any database
+; with a DBI module (MySQL, SQLite, DBD, etc.) should work.
+; SQLite and MySQL are tested.
+; Default is sqlite.
+[report_store]
+backend = SQL
+;dsn     = dbi:SQLite:dbname=dmarc_reports.sqlite
+dsn    = dbi:mysql:database=dmarc_reporting_database;host=localhost;port=3306
+user    = authmilterusername
+pass    = authmiltpassword
+
+; backend can be perl or libopendmarc
+[dmarc]
+backend        = perl
+
+[dns]
+timeout            = 5
+public_suffix_list = share/public_suffix_list
+
+[smtp]
+; hostname is the external FQDN of this MTA
+hostname  = mx1.example.com
+cc        = dmarc.copy@example.com
+
+; list IP addresses to whitelist (bypass DMARC reject/quarantine)
+; see sample whitelist in share/dmarc_whitelist
+whitelist = /path/to/etc/dmarc_whitelist
+
+; By default, we attempt to email directly to the report recipient.
+; Set these to relay via a SMTP smart host.
+smarthost = mx2.example.com
+smartuser = dmarccopyusername
+smartpass = dmarccopypassword
+
+[imap]
+server    = mail.example.com
+user      =
+pass      =
+; the imap folder where new dmarc messages will be found
+folder    = dmarc
+; the folders to store processed reports (a=aggregate, f=forensic)
+f_done    = dmarc.forensic
+a_done    = dmarc.aggregate
+
+[http]
+port      = 8080
+
+[https]
+port      = 8443
+ssl_crt   =
+ssl_key   =