aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYasuhiro Kimura <yasu@FreeBSD.org>2024-06-10 06:20:12 +0000
committerYasuhiro Kimura <yasu@FreeBSD.org>2024-06-10 06:20:12 +0000
commitd754a77ccf5b313a754473501e39234d9034b32c (patch)
tree2a5b32e4f78d41d3a316a8d9b47ab012b23b0ba1
parent8bb877912300eabb66d3b3f96d3926b2ab711560 (diff)
mail/opendkim-devel: Add new port
* Add mail/opendkim-devel, development snapshot of OpenDKIM. * Mark mail/opendkim and mail/opendkim-devel as CONFLICTS_INSTALL with each other
-rw-r--r--mail/Makefile1
-rw-r--r--mail/opendkim-devel/Makefile229
-rw-r--r--mail/opendkim-devel/distinfo3
-rw-r--r--mail/opendkim-devel/files/milter-opendkim.in213
-rw-r--r--mail/opendkim-devel/files/patch-opendkim_opendkim-crypto.c20
-rw-r--r--mail/opendkim-devel/files/patch-opendkim_opendkim.c36
-rw-r--r--mail/opendkim-devel/files/pkg-message.in25
-rw-r--r--mail/opendkim-devel/pkg-descr9
-rw-r--r--mail/opendkim-devel/pkg-plist78
-rw-r--r--mail/opendkim/Makefile2
10 files changed, 616 insertions, 0 deletions
diff --git a/mail/Makefile b/mail/Makefile
index cc516fb3e555..3d3ae7d8902f 100644
--- a/mail/Makefile
+++ b/mail/Makefile
@@ -271,6 +271,7 @@
SUBDIR += nullmailer
SUBDIR += openarc
SUBDIR += opendkim
+ SUBDIR += opendkim-devel
SUBDIR += opendmarc
SUBDIR += opensmtpd
SUBDIR += opensmtpd-extras
diff --git a/mail/opendkim-devel/Makefile b/mail/opendkim-devel/Makefile
new file mode 100644
index 000000000000..338b4141d3d1
--- /dev/null
+++ b/mail/opendkim-devel/Makefile
@@ -0,0 +1,229 @@
+PORTNAME= opendkim
+DISTVERSIONPREFIX= rel-opendkim-
+DISTVERSION= 2.11.0-Beta2-48
+DISTVERSIONSUFFIX= -g551ab382
+CATEGORIES= mail security
+PKGNAMESUFFIX= -devel
+
+MAINTAINER= yasu@FreeBSD.org
+COMMENT= DKIM library and milter implementation
+WWW= http://opendkim.org/
+
+LICENSE= BSD3CLAUSE SENDMAIL
+LICENSE_COMB= multi
+LICENSE_GROUPS_SENDMAIL= FSF OSI
+LICENSE_NAME_SENDMAIL= Sendmail Open Source License
+LICENSE_FILE_SENDMAIL= ${WRKSRC}/LICENSE.Sendmail
+LICENSE_PERMS_SENDMAIL= dist-mirror dist-sell pkg-mirror pkg-sell \
+ auto-accept
+
+USES= autoreconf cpe libtool perl5 pkgconfig shebangfix ssl
+USE_GITHUB= yes
+GH_ACCOUNT= trusteddomainproject
+GH_PROJECT= OpenDKIM
+USE_LDCONFIG= yes
+USE_PERL5= run
+
+SHEBANG_FILES= opendkim/opendkim-genkey* reprrd/opendkim-reprrdimport* \
+ reputation/opendkim-* stats/opendkim-*
+
+GNU_CONFIGURE= yes
+
+MAKE_ARGS= pkgconfigdir="${PREFIX}/libdata/pkgconfig"
+MAKE_ENV= INSTALL_STRIP_FLAG=${STRIP}
+TEST_TARGET= check
+
+CONFLICTS_INSTALL= opendkim
+
+PORTDOCS= *
+
+OPTIONS_DEFINE= BDB_BASE CURL DOCS FILTER GNUTLS JANSSON LDNS \
+ LMDB LUA MEMCACHED OPENDBX OPENLDAP POPAUTH \
+ QUERY_CACHE SASL
+OPTIONS_DEFAULT= FILTER LUA UNBOUND
+OPTIONS_GROUP= DEVELOPER FFR
+OPTIONS_GROUP_DEVELOPER= ALLSYMBOLS CODECOVERAGE DEBUG
+OPTIONS_GROUP_FFR= ADSP_LISTS ATPS DB_HANDLE_POOLS DEFAULT_SENDER \
+ DIFFHEADERS IDENTITY_HEADER LDAP_CACHING \
+ LUA_ONLY_SIGNING POSTGRES_RECONNECT_HACK \
+ RATE_LIMIT RBL REPLACE_RULES REPRRD REPUTATION \
+ RESIGN SENDER_MACRO SOCKETDB STATS STATSEXT VBR
+OPTIONS_SINGLE= RESOLV
+OPTIONS_SINGLE_RESOLV= STOCK_RESOLVER UNBOUND
+NO_OPTIONS_SORT= yes
+OPTIONS_SUB= yes
+
+ADSP_LISTS_DESC= ADSP filtering for lists (experimental)
+ALLSYMBOLS_DESC= Export all internal symbols for better test coverage
+ATPS_DESC= Authorized Third Party Sign check
+BDB_BASE_DESC= Use Berkeley DB from base
+CODECOVERAGE_DESC= Enable internal code-coverage/profiling
+CURL_DESC= Use cURL for web queries
+DB_HANDLE_POOLS_DESC= Database handle pools (experimental)
+DEBUG_DESC= Build with debug symbols
+DEFAULT_SENDER_DESC= Default sender address
+DEVELOPER_DESC= Options useful for OpenDKIM development
+DIFFHEADERS_DESC= Compare signed and verified headers (experimental)
+FFR_DESC= Use features marked as For-Future-Releases
+FILTER_DESC= OpenDKIM filter, requires libmilter/Sendmail
+GNUTLS_DESC= Use GnuTLS instead of OpenSSL
+IDENTITY_HEADER_DESC= Special header to set identity
+JANSSON_DESC= Statistics and other output as JSON data
+LDAP_CACHING_DESC= LDAP query piggybacking and caching
+LDNS_DESC= Use LDNS library for DNS queries
+LMDB_DESC= Use Lightning Memory-Mapped DB key-value store
+LUA_DESC= Describe filter policy with lua
+LUA_ONLY_SIGNING_DESC= Message signing by Lua only
+MEMCACHED_DESC= Use memcached as a data set
+OPENDBX_DESC= Store filter policies via OpenDBX
+OPENLDAP_DESC= Store filter policies in LDAP
+POPAUTH_DESC= Use POP authentication DB
+POSTGRES_RECONNECT_HACK_DESC= PostgreSQL connection error detection bug hack
+QUERY_CACHE_DESC= Cache DNS query results locally
+RATE_LIMIT_DESC= DKIM based rate limiting support
+RBL_DESC= Realtime Blacklist query support
+REPLACE_RULES_DESC= String substition when signing
+REPRRD_DESC= Support for collaborative reputation that uses rrdtool (experimental)
+REPUTATION_DESC= Reputation check (experimental)
+RESIGN_DESC= One-step resigning
+SASL_DESC= Enable SASL authentication with LDAP
+SENDER_MACRO_DESC= Macro to determine sender
+SOCKETDB_DESC= Arbitrary socket data sets
+STATSEXT_DESC= Localized stats extensions
+STATS_DESC= Per-message and per-signature statistics
+STOCK_RESOLVER_DESC= Use the stock resolver library
+UNBOUND_DESC= Use unbound DNS library
+VBR_DESC= Vouch-By-Reference support
+
+ADSP_LISTS_CONFIGURE_ENABLE= adsp_lists
+
+ALLSYMBOLS_CONFIGURE_ENABLE= allsymbols
+
+ATPS_CONFIGURE_ENABLE= atps
+
+CODECOVERAGE_CONFIGURE_ENABLE= codecoverage
+
+CURL_LIB_DEPENDS= libcurl.so:ftp/curl
+CURL_CONFIGURE_WITH= libcurl
+
+DB_HANDLE_POOLS_CONFIGURE_ENABLE= db_handle_pools
+
+DEBUG_CONFIGURE_ENABLE= debug
+
+DEFAULT_SENDER_CONFIGURE_ENABLE= default_sender
+
+DIFFHEADERS_LIB_DEPENDS= libtre.so:textproc/libtre
+DIFFHEADERS_CONFIGURE_ENABLE= diffheaders
+DIFFHEADERS_CONFIGURE_WITH= tre=${LOCALBASE}
+
+FILTER_USE= RC_SUBR=milter-opendkim
+
+GNUTLS_LIB_DEPENDS= libgnutls.so:security/gnutls
+GNUTLS_CONFIGURE_OFF= --with-openssl=${OPENSSLBASE}
+GNUTLS_CONFIGURE_WITH= gnutls
+
+IDENTITY_HEADER_CONFIGURE_ENABLE= identity_header
+
+JANSSON_LIB_DEPENDS= libjansson.so:devel/jansson
+JANSSON_CONFIGURE_WITH= libjansson
+
+LDAP_CACHING_USES= ldap
+LDAP_CACHING_CONFIGURE_ENABLE= ldap_caching
+
+LDNS_LIB_DEPENDS= libldns.so:dns/ldns
+LDNS_CONFIGURE_WITH= ldns
+
+LMDB_LIB_DEPENDS= liblmdb.so:databases/lmdb
+LMDB_CONFIGURE_WITH= lmdb
+
+LUA_USES= lua
+LUA_CONFIGURE_WITH= lua
+
+LUA_ONLY_SIGNING_IMPLIES= LUA
+LUA_ONLY_SIGNING_CONFIGURE_ENABLE= lua_only_signing
+
+MEMCACHED_LIB_DEPENDS= libmemcached.so:databases/libmemcached
+MEMCACHED_CONFIGURE_WITH= libmemcached
+
+OPENDBX_LIB_DEPENDS= libopendbx.so:databases/opendbx
+OPENDBX_CONFIGURE_WITH= odbx
+
+OPENLDAP_USES= ldap
+OPENLDAP_CONFIGURE_WITH= openldap
+
+POPAUTH_CONFIGURE_ENABLE= popauth
+
+POSTGRES_RECONNECT_HACK_CONFIGURE_ENABLE= postgresql_reconnect_hack
+
+QUERY_CACHE_CONFIGURE_ENABLE= query_cache
+
+RATE_LIMIT_CONFIGURE_ENABLE= rate_limit
+
+RBL_IMPLIES= LUA
+RBL_CONFIGURE_ENABLE= rbl
+
+REPLACE_RULES_CONFIGURE_ENABLE= replace_rules
+
+REPRRD_LIB_DEPENDS= librrd.so:databases/rrdtool
+REPRRD_CONFIGURE_ENABLE= reprrd
+
+REPUTATION_IMPLIES= CURL JANSSON
+REPUTATION_CONFIGURE_ENABLE= reputation
+
+RESIGN_CONFIGURE_ENABLE= resign
+
+SASL_IMPLIES= OPENLDAP
+SASL_CONFIGURE_WITH= sasl
+
+SENDER_MACRO_CONFIGURE_ENABLE= sender_macro
+
+SOCKETDB_CONFIGURE_ENABLE= socketdb
+
+STATSEXT_IMPLIES= LUA STATS
+STATSEXT_CONFIGURE_ENABLE= statsext
+
+STATS_CONFIGURE_ENABLE= stats
+
+UNBOUND_LIB_DEPENDS= libunbound.so:dns/unbound
+UNBOUND_CONFIGURE_WITH= unbound
+
+VBR_CONFIGURE_ENABLE= vbr
+
+.include <bsd.port.options.mk>
+
+.if ${PORT_OPTIONS:MFILTER}
+SUB_FILES= pkg-message
+WITHOUT_MILTER_CFLAGS= yes
+WITHOUT_MILTER_LDFLAGS= yes
+.include "${PORTSDIR}/mail/sendmail/bsd.milter.mk"
+CONFIGURE_ARGS+= --with-milter=${MILTERBASE}
+.endif
+
+.if ${PORT_OPTIONS:MPOPAUTH} || ${PORT_OPTIONS:MQUERY_CACHE} || \
+ ${PORT_OPTIONS:MLDAP_CACHING} || ${PORT_OPTIONS:MREPUTATION} || \
+ ${PORT_OPTIONS:MSTATS}
+. if ${PORT_OPTIONS:MBDB_BASE}
+CONFIGURE_ARGS+= --with-db-lib=c
+. else
+CONFIGURE_ARGS+= --with-db-incdir=${BDB_INCLUDE_DIR} \
+ --with-db-lib=${BDB_LIB_NAME} \
+ --with-db-libdir=${BDB_LIB_DIR}
+USES+= bdb
+. endif
+.endif
+
+.if ${PORT_OPTIONS:MCODECOVERAGE}
+LDFLAGS+= -lpthread
+.endif
+
+pre-configure:
+ ${REINPLACE_CMD} -e '/PKG_CHECK_MODULES/s/lua5\.[0-9]/lua-${LUA_VER}/' \
+ -e '/PKG_CHECK_MODULES/s/cyrussasl/libsasl2/' \
+ ${WRKSRC}/configure.ac
+
+post-install:
+ @${MKDIR} ${STAGEDIR}${PREFIX}/etc/mail
+ ${INSTALL_DATA} ${WRKSRC}/opendkim/opendkim.conf.sample \
+ ${STAGEDIR}${PREFIX}/etc/mail/
+
+.include <bsd.port.mk>
diff --git a/mail/opendkim-devel/distinfo b/mail/opendkim-devel/distinfo
new file mode 100644
index 000000000000..e18ae8bf8208
--- /dev/null
+++ b/mail/opendkim-devel/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1717994186
+SHA256 (trusteddomainproject-OpenDKIM-rel-opendkim-2.11.0-Beta2-48-g551ab382_GH0.tar.gz) = 216dd1dcd4cbcd68e6524c1cabe071b9a25356d3ea135c3509d689c2085f3678
+SIZE (trusteddomainproject-OpenDKIM-rel-opendkim-2.11.0-Beta2-48-g551ab382_GH0.tar.gz) = 803244
diff --git a/mail/opendkim-devel/files/milter-opendkim.in b/mail/opendkim-devel/files/milter-opendkim.in
new file mode 100644
index 000000000000..2ce969582af0
--- /dev/null
+++ b/mail/opendkim-devel/files/milter-opendkim.in
@@ -0,0 +1,213 @@
+#!/bin/sh
+
+# PROVIDE: milter-opendkim
+# REQUIRE: DAEMON
+# BEFORE: mail
+# KEYWORD: shutdown
+
+# Define these milteropendkim_* variables in one of these files:
+# /etc/rc.conf
+# /etc/rc.conf.local
+# /etc/rc.conf.d/milteropendkim
+#
+# milteropendkim_enable (bool): Set to "NO" by default.
+# Set it to "YES" to enable dkim-milter
+# milteropendkim_uid (str): Set username to run milter.
+# milteropendkim_gid (str): Set group to run milter.
+# milteropendkim_profiles (list): Set to "" by default.
+# Define your profiles here.
+# milteropendkim_cfgfile (str): Configuration file. See opendkim.conf(5)
+#
+# milteropendkim_${profile}_* : Variables per profile.
+# Sockets must be different from each other.
+#
+# milteropendkim_socket_perms (str):
+# Permissions for local|unix socket.
+#
+# all parameters below now can be set in opendkim.conf(5).
+# milteropendkim_socket (str): Path to the milter socket.
+# milteropendkim_domain (str): Domainpart of From: in mails to sign.
+# milteropendkim_key (str): Path to the private key file to sign with.
+# milteropendkim_selector (str): Selector to use when signing
+# milteropendkim_alg (str): Algorithm to use when signing
+# milteropendkim_flags (str): Flags passed to start command.
+
+. /etc/rc.subr
+
+name="milteropendkim"
+rcvar=milteropendkim_enable
+
+extra_commands="reload"
+start_precmd="dkim_prepcmd"
+start_postcmd="dkim_start_postcmd"
+stop_postcmd="dkim_postcmd"
+command="%%PREFIX%%/sbin/opendkim"
+_piddir="/var/run/milteropendkim"
+pidfile="${_piddir}/pid"
+sig_reload="USR1"
+
+load_rc_config $name
+
+#
+# DO NOT CHANGE THESE DEFAULT VALUES HERE
+#
+: ${milteropendkim_enable:="NO"}
+: ${milteropendkim_uid:="mailnull"}
+: ${milteropendkim_gid:="mailnull"}
+: ${milteropendkim_cfgfile:="%%PREFIX%%/etc/mail/opendkim.conf"}
+: ${milteropendkim_socket_perms:="0755"}
+
+# Options other than above can be set with $milteropendkim_flags.
+# see dkim-milter documentation for detail.
+
+extra_commands="reload"
+start_precmd="dkim_prepcmd"
+start_postcmd="dkim_start_postcmd"
+stop_postcmd="dkim_cleansockets"
+command="%%PREFIX%%/sbin/opendkim"
+sig_reload="USR1"
+
+dkim_cleansockets()
+{
+ case ${milteropendkim_socket%:*} in
+ local|unix)
+ rm -f "${milteropendkim_socket#*:}"
+ ;;
+ esac
+}
+
+dkim_get_pidfile()
+{
+ if get_pidfile_from_conf PidFile ${milteropendkim_cfgfile#-x }; then
+ pidfile="$_pidfile_from_conf"
+ else
+ pidfile="/var/run/milteropendkim/${profile:-pid}"
+ fi
+}
+
+dkim_prepcmd()
+{
+ dkim_cleansockets
+ dkim_get_pidfile
+ if [ ! -d "$(dirname "$pidfile")" ]; then
+ mkdir "$(dirname "$pidfile")"
+ fi
+ case ${milteropendkim_socket%:*} in
+ local|unix)
+ socketfile=${milteropendkim_socket#*:}
+ install -d -o ${milteropendkim_uid%:*} -g $milteropendkim_gid \
+ -m ${milteropendkim_socket_perms} \
+ ${pidfile%/*} ${socketfile%/*}
+ ;;
+ esac
+}
+
+dkim_start_postcmd()
+{
+ case ${milteropendkim_socket%:*} in
+ local|unix)
+ # postcmd is executed too fast and socket is not created before checking...
+ sleep 1
+ chmod -f ${milteropendkim_socket_perms} ${milteropendkim_socket#*:}
+ ;;
+ esac
+}
+
+if [ -n "$2" ]; then
+ profile="$2"
+ if [ -n "${milteropendkim_profiles}" ]; then
+ pidfile="${_piddir}/${profile}.pid"
+ eval milteropendkim_enable="\${milteropendkim_${profile}_enable:-${milteropendkim_enable}}"
+ eval milteropendkim_socket="\${milteropendkim_${profile}_socket:-}"
+ eval milteropendkim_socket_perms="\${milteropendkim_${profile}_socket_perms:-}"
+ if [ -z "${milteropendkim_socket}" ];then
+ echo "You must define a socket (milteropendkim_${profile}_socket)"
+ exit 1
+ fi
+ eval milteropendkim_cfgfile="\${milteropendkim_${profile}_cfgfile:-${milteropendkim_cfgfile}}"
+ eval milteropendkim_domain="\${milteropendkim_${profile}_domain:-${milteropendkim_domain}}"
+ eval milteropendkim_key="\${milteropendkim_${profile}_key:-${milteropendkim_key}}"
+ eval milteropendkim_selector="\${milteropendkim_${profile}_selector:-${milteropendkim_selector}}"
+ eval milteropendkim_alg="\${milteropendkim_${profile}_alg:-${milteropendkim_alg}}"
+ eval milteropendkim_flags="\${milteropendkim_${profile}_flags:-${milteropendkim_flags}}"
+ if [ -f "${milteropendkim_cfgfile}" ];then
+ milteropendkim_cfgfile="-x ${milteropendkim_cfgfile}"
+ else
+ milteropendkim_cfgfile=""
+ fi
+ if [ -n "${milteropendkim_socket}" ];then
+ _socket_prefix="-p"
+ fi
+ if [ -n "${milteropendkim_uid}" ];then
+ _uid_prefix="-u"
+ if [ -n "${milteropendkim_gid}" ];then
+ milteropendkim_uid=${milteropendkim_uid}:${milteropendkim_gid}
+ fi
+ fi
+ if [ -n "${milteropendkim_domain}" ];then
+ milteropendkim_domain="-d ${milteropendkim_domain}"
+ fi
+ if [ -n "${milteropendkim_key}" ];then
+ milteropendkim_key="-k ${milteropendkim_key}"
+ fi
+ if [ -n "${milteropendkim_selector}" ];then
+ milteropendkim_selector="-s ${milteropendkim_selector}"
+ fi
+ if [ -n "${milteropendkim_alg}" ];then
+ milteropendkim_alg="-S ${milteropendkim_alg}"
+ fi
+ dkim_get_pidfile
+ command_args="-l ${_socket_prefix} ${milteropendkim_socket} ${_uid_prefix} ${milteropendkim_uid} -P ${pidfile} ${milteropendkim_cfgfile} ${milteropendkim_domain} ${milteropendkim_key} ${milteropendkim_selector} ${milteropendkim_alg}"
+ else
+ echo "$0: extra argument ignored"
+ fi
+else
+ if [ -n "${milteropendkim_profiles}" ] && [ -n "$1" ]; then
+ if [ "$1" != "restart" ]; then
+ for profile in ${milteropendkim_profiles}; do
+ echo "===> milteropendkim profile: ${profile}"
+ %%PREFIX%%/etc/rc.d/milter-opendkim $1 ${profile}
+ retcode="$?"
+ if [ "${retcode}" -ne 0 ]; then
+ failed="${profile} (${retcode}) ${failed:-}"
+ else
+ success="${profile} ${success:-}"
+ fi
+ done
+ exit 0
+ else
+ restart_precmd=""
+ fi
+ else
+ if [ -f "${milteropendkim_cfgfile}" ];then
+ milteropendkim_cfgfile="-x ${milteropendkim_cfgfile}"
+ else
+ milteropendkim_cfgfile=""
+ fi
+ if [ -n "${milteropendkim_socket}" ];then
+ _socket_prefix="-p"
+ fi
+ if [ -n "${milteropendkim_uid}" ];then
+ _uid_prefix="-u"
+ if [ -n "${milteropendkim_gid}" ];then
+ milteropendkim_uid=${milteropendkim_uid}:${milteropendkim_gid}
+ fi
+ fi
+ if [ -n "${milteropendkim_domain}" ];then
+ milteropendkim_domain="-d ${milteropendkim_domain}"
+ fi
+ if [ -n "${milteropendkim_key}" ];then
+ milteropendkim_key="-k ${milteropendkim_key}"
+ fi
+ if [ -n "${milteropendkim_selector}" ];then
+ milteropendkim_selector="-s ${milteropendkim_selector}"
+ fi
+ if [ -n "${milteropendkim_alg}" ];then
+ milteropendkim_alg="-S ${milteropendkim_alg}"
+ fi
+ dkim_get_pidfile
+ command_args="-l ${_socket_prefix} ${milteropendkim_socket} ${_uid_prefix} ${milteropendkim_uid} -P ${pidfile} ${milteropendkim_cfgfile} ${milteropendkim_domain} ${milteropendkim_key} ${milteropendkim_selector} ${milteropendkim_alg}"
+ fi
+fi
+
+run_rc_command "$1"
diff --git a/mail/opendkim-devel/files/patch-opendkim_opendkim-crypto.c b/mail/opendkim-devel/files/patch-opendkim_opendkim-crypto.c
new file mode 100644
index 000000000000..b0c9326a78a5
--- /dev/null
+++ b/mail/opendkim-devel/files/patch-opendkim_opendkim-crypto.c
@@ -0,0 +1,20 @@
+--- opendkim/opendkim-crypto.c.orig 2022-12-30 01:52:49 UTC
++++ opendkim/opendkim-crypto.c
+@@ -221,7 +221,7 @@ dkimf_crypto_free_id(void *ptr)
+ {
+ assert(pthread_setspecific(id_key, ptr) == 0);
+
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER))
+ OPENSSL_thread_stop();
+ #else
+ ERR_remove_state(0);
+@@ -399,7 +399,7 @@ dkimf_crypto_free(void)
+ {
+ if (crypto_init_done)
+ {
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER))
+ OPENSSL_thread_stop();
+ #else
+ CRYPTO_cleanup_all_ex_data();
diff --git a/mail/opendkim-devel/files/patch-opendkim_opendkim.c b/mail/opendkim-devel/files/patch-opendkim_opendkim.c
new file mode 100644
index 000000000000..8ec336794477
--- /dev/null
+++ b/mail/opendkim-devel/files/patch-opendkim_opendkim.c
@@ -0,0 +1,36 @@
+commit 7c70ee7c86da1cecc621182355cc950d3b193314
+Author: David Bürgin <dbuergin@gluet.ch>
+Date: Sat Oct 14 09:19:37 2023 +0200
+
+ Delete Authentication-Results headers in reverse
+
+diff --git opendkim/opendkim.c opendkim/opendkim.c
+index 803f37b0..cfa5f018 100644
+--- opendkim/opendkim.c
++++ opendkim/opendkim.c
+@@ -13653,8 +13653,15 @@ mlfi_eom(SMFICTX *ctx)
+ return SMFIS_TEMPFAIL;
+ }
+
+- c = 0;
++ c = 1;
++
+ for (hdr = dfc->mctx_hqhead; hdr != NULL; hdr = hdr->hdr_next)
++ {
++ if (strcasecmp(hdr->hdr_hdr, AUTHRESULTSHDR) == 0)
++ c++;
++ }
++
++ for (hdr = dfc->mctx_hqtail; hdr != NULL; hdr = hdr->hdr_prev)
+ {
+ memset(ares, '\0', sizeof(struct authres));
+
+@@ -13666,7 +13673,7 @@ mlfi_eom(SMFICTX *ctx)
+ char *slash;
+
+ /* remember index */
+- c++;
++ c--;
+
+ /* parse the header */
+ arstat = ares_parse((u_char *) hdr->hdr_val,
diff --git a/mail/opendkim-devel/files/pkg-message.in b/mail/opendkim-devel/files/pkg-message.in
new file mode 100644
index 000000000000..259943577424
--- /dev/null
+++ b/mail/opendkim-devel/files/pkg-message.in
@@ -0,0 +1,25 @@
+[
+{ type: install
+ message: <<EOM
+In order to run this port, write your opendkim.conf and:
+
+if you use sendmail, add the milter socket `socketspec' in
+/etc/mail/<your_configuration>.mc:
+
+INPUT_MAIL_FILTER(`dkim-filter', `S=_YOUR_SOCKET_SPEC_, F=T, T=R:2m')
+
+or if you use postfix write your milter socket `socketspec' in
+%%PREFIX%%/etc/postfix/main.cf:
+
+smtpd_milters = _YOUR_SOCKET_SPEC_
+
+
+And to run the milter from startup, add milteropendkim_enable="YES" in
+your /etc/rc.conf.
+Extra options can be found in startup script.
+
+Note: milter sockets must be accessible from postfix/smtpd;
+ using inet sockets might be preferred.
+EOM
+}
+]
diff --git a/mail/opendkim-devel/pkg-descr b/mail/opendkim-devel/pkg-descr
new file mode 100644
index 000000000000..4cbf0e856864
--- /dev/null
+++ b/mail/opendkim-devel/pkg-descr
@@ -0,0 +1,9 @@
+OpenDKIM is an open source implementation of the DKIM (Domain Keys Identified
+Mail) sender authentication system proposed by the E-mail Signing Technology
+Group (ESTG), now standardized by the IETF (RFC4871). It also includes
+an implementations of the Vouch By Reference (VBR, RFC5518) proposed standard.
+
+The OpenDKIM package consists of a library that implements the DKIM service
+and a milter-based filter application that can plug in to any milter-aware
+MTA to provide that service to sufficiently recent sendmail MTAs and other
+MTAs that support the milter protocol.
diff --git a/mail/opendkim-devel/pkg-plist b/mail/opendkim-devel/pkg-plist
new file mode 100644
index 000000000000..2a2f813e5a16
--- /dev/null
+++ b/mail/opendkim-devel/pkg-plist
@@ -0,0 +1,78 @@
+%%ATPS%%share/man/man8/opendkim-atpszone.8.gz
+%%ATPS%%sbin/opendkim-atpszone
+%%FILTER%%share/man/man5/opendkim.conf.5.gz
+%%FILTER%%share/man/man8/opendkim.8.gz
+%%FILTER%%sbin/opendkim
+%%JANSSON%%bin/autobuild
+%%JANSSON%%share/man/man8/autobuild.8.gz
+%%LUA%%bin/miltertest
+%%LUA%%share/man/man3/opendkim-lua.3.gz
+%%LUA%%share/man/man8/miltertest.8.gz
+%%STATS%%%%OPENDBX%%bin/opendkim-spam
+%%STATS%%%%OPENDBX%%sbin/opendkim-importstats
+%%STATS%%%%OPENDBX%%share/man/man1/opendkim-spam.1.gz
+%%STATS%%%%OPENDBX%%share/man/man8/opendkim-importstats.8.gz
+%%RBL%%include/rbl/rbl.h
+%%RBL%%lib/librbl.a
+%%RBL%%lib/librbl.so
+%%RBL%%lib/librbl.so.1
+%%RBL%%lib/librbl.so.1.0.0
+%%RBL%%libdata/pkgconfig/rbl.pc
+%%RBL%%share/man/man3/rbl.3.gz
+%%REPRRD%%bin/opendkim-reprrdimport
+%%REPRRD%%include/reprrd/reprrd.h
+%%REPRRD%%lib/libreprrd.a
+%%REPRRD%%lib/libreprrd.so
+%%REPRRD%%lib/libreprrd.so.1
+%%REPRRD%%lib/libreprrd.so.1.0.0
+%%REPRRD%%share/man/man8/opendkim-reprrdimport.8.gz
+%%REPUTATION%%include/repute/repute.h
+%%REPUTATION%%include/ut/ut.h
+%%REPUTATION%%lib/librepute.a
+%%REPUTATION%%lib/librepute.so
+%%REPUTATION%%lib/librepute.so.1
+%%REPUTATION%%lib/librepute.so.1.0.0
+%%REPUTATION%%lib/libut.a
+%%REPUTATION%%lib/libut.so
+%%REPUTATION%%lib/libut.so.1
+%%REPUTATION%%lib/libut.so.1.0.0
+%%REPUTATION%%libdata/pkgconfig/repute.pc
+%%REPUTATION%%libdata/pkgconfig/ut.pc
+%%REPUTATION%%share/man/man3/ut.3.gz
+%%REPUTATION%%share/man/man8/opendkim-genrates.8.gz
+%%REPUTATION%%share/man/man8/opendkim-modtotals.8.gz
+%%REPUTATION%%share/man/man8/opendkim-rephistory.8.gz
+%%REPUTATION%%sbin/opendkim-genrates
+%%REPUTATION%%sbin/opendkim-modtotals
+%%REPUTATION%%sbin/opendkim-rephistory
+%%STATS%%share/man/man8/opendkim-expire.8.gz
+%%STATS%%share/man/man8/opendkim-gengraphs.8.gz
+%%STATS%%share/man/man8/opendkim-genstats.8.gz
+%%STATS%%share/man/man8/opendkim-stats.8.gz
+%%STATS%%sbin/opendkim-expire
+%%STATS%%sbin/opendkim-gengraphs
+%%STATS%%sbin/opendkim-genstats
+%%STATS%%sbin/opendkim-reportstats
+%%STATS%%sbin/opendkim-stats
+%%VBR%%include/vbr/vbr.h
+%%VBR%%lib/libvbr.a
+%%VBR%%lib/libvbr.so
+%%VBR%%lib/libvbr.so.2
+%%VBR%%lib/libvbr.so.2.0.0
+%%VBR%%libdata/pkgconfig/vbr.pc
+%%VBR%%share/man/man3/vbr.3.gz
+@sample etc/mail/opendkim.conf.sample
+include/opendkim/dkim.h
+lib/libopendkim.a
+lib/libopendkim.so
+lib/libopendkim.so.11
+lib/libopendkim.so.11.0.0
+libdata/pkgconfig/opendkim.pc
+share/man/man8/opendkim-genkey.8.gz
+share/man/man8/opendkim-genzone.8.gz
+share/man/man8/opendkim-testkey.8.gz
+share/man/man8/opendkim-testmsg.8.gz
+sbin/opendkim-genkey
+sbin/opendkim-genzone
+sbin/opendkim-testkey
+sbin/opendkim-testmsg
diff --git a/mail/opendkim/Makefile b/mail/opendkim/Makefile
index b483d39a2144..1ef42e2ed66b 100644
--- a/mail/opendkim/Makefile
+++ b/mail/opendkim/Makefile
@@ -28,6 +28,8 @@ SHEBANG_FILES= opendkim/opendkim-genkey* reputation/opendkim-* stats/opendkim-*
USE_LDCONFIG= yes
TEST_TARGET= check # XXX: 1 of 30 tests fails
+CONFLICTS_INSTALL= opendkim-devel
+
PORTDOCS= *
CONFIGURE_ARGS+= --without-tre