main.cf add opendkim support

main.cf.default

@@ -168,6 +168,7 @@ fork_delay = 1s
 forward_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
 forward_path = $home/.forward${recipient_delimiter}${extension}, $home/.forward
 frozen_delivered_to = yes
+full_name_encoding_charset = utf-8
 hash_queue_depth = 1
 hash_queue_names = deferred, defer
 header_address_token_limit = 10240
@@ -313,6 +314,9 @@ lmtp_tls_session_cache_timeout = 3600s
 lmtp_tls_trust_anchor_file =
 lmtp_tls_verify_cert_match = hostname
 lmtp_tls_wrappermode = no
+lmtp_tlsrpt_enable = no
+lmtp_tlsrpt_skip_reused_handshakes = yes
+lmtp_tlsrpt_socket_name =
 lmtp_transport_rate_delay = $default_transport_rate_delay
 lmtp_use_tls = no
 lmtp_xforward_timeout = 300s
@@ -341,9 +345,9 @@ local_transport_rate_delay = $default_transport_rate_delay
 luser_relay =
 mail_name = Postfix
 mail_owner = postfix
-mail_release_date = 20241204
+mail_release_date = 20250710
 mail_spool_directory = /var/mail
-mail_version = 3.9.1
+mail_version = 3.10.3
 mailbox_command =
 mailbox_command_maps =
 mailbox_delivery_lock = flock, dotlock
@@ -653,7 +657,7 @@ smtp_tls_cert_file =
 smtp_tls_chain_files =
 smtp_tls_ciphers = medium
 smtp_tls_connection_reuse = no
-smtp_tls_dane_insecure_mx_policy = ${{$smtp_tls_security_level} == {dane} ? {dane} : {may}}
+smtp_tls_dane_insecure_mx_policy = dane
 smtp_tls_dcert_file =
 smtp_tls_dkey_file = $smtp_tls_dcert_file
 smtp_tls_eccert_file =
@@ -682,6 +686,9 @@ smtp_tls_session_cache_timeout = 3600s
 smtp_tls_trust_anchor_file =
 smtp_tls_verify_cert_match = hostname
 smtp_tls_wrappermode = no
+smtp_tlsrpt_enable = no
+smtp_tlsrpt_skip_reused_handshakes = yes
+smtp_tlsrpt_socket_name =
 smtp_transport_rate_delay = $default_transport_rate_delay
 smtp_use_tls = no
 smtp_xforward_timeout = 300s
@@ -720,6 +727,7 @@ smtpd_forbidden_commands = CONNECT GET POST regexp:{{/^[^A-Z]/ Bogus}}
 smtpd_hard_error_limit = ${stress?{1}:{20}}
 smtpd_helo_required = no
 smtpd_helo_restrictions =
+smtpd_hide_client_session = no
 smtpd_history_flush_threshold = 100
 smtpd_junk_command_limit = ${stress?{1}:{100}}
 smtpd_log_access_permit_actions =
@@ -805,6 +813,7 @@ smtpd_upstream_proxy_timeout = 5s
 smtpd_use_tls = no
 smtputf8_autodetect_classes = sendmail, verify
 smtputf8_enable = ${{$compatibility_level} <level {1} ? {no} : {yes}}
+socketmap_max_reply_size = 100000
 soft_bounce = no
 stale_lock_time = 500s
 stress =
@@ -826,7 +835,7 @@ tls_config_name =
 tls_daemon_random_bytes = 32
 tls_dane_digests = sha512 sha256
 tls_disable_workarounds =
-tls_eecdh_auto_curves = X25519 X448 prime256v1 secp521r1 secp384r1
+tls_eecdh_auto_curves = X25519 X448 prime256v1 secp384r1 secp521r1
 tls_eecdh_strong_curve = prime256v1
 tls_eecdh_ultra_curve = secp384r1
 tls_export_cipherlist =
@@ -843,6 +852,7 @@ tls_random_exchange_name = ${data_directory}/prng_exch
 tls_random_prng_update_period = 3600s
 tls_random_reseed_period = 3600s
 tls_random_source = dev:/dev/urandom
+tls_required_enable = yes
 tls_server_sni_maps =
 tls_session_ticket_cipher = aes-256-cbc
 tls_ssl_options =