{"id":3132,"date":"2026-02-23T23:07:15","date_gmt":"2026-02-23T14:07:15","guid":{"rendered":"https:\/\/www.next-hop.net\/blog\/hiraga\/?p=3132"},"modified":"2026-02-25T06:10:14","modified_gmt":"2026-02-24T21:10:14","slug":"install-openarc","status":"publish","type":"post","link":"https:\/\/www.next-hop.net\/blog\/hiraga\/freebsd\/install-openarc\/","title":{"rendered":"OpenARC\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b"},"content":{"rendered":"<h2>\u524d\u63d0<\/h2>\n<ul>\n<li>OS: FreeBSD<\/li>\n<li>MTA: Sendmail<\/li>\n<li>OpenDKIM\u7a3c\u50cd\u6e08\u307f<\/li>\n<\/ul>\n<h3>Milter\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h3>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">\r\npkg install -y openarc\r\nsysrc milteropenarc_enable=YES\r\n<\/pre>\n<h4>\/usr\/local\/etc\/mail\/openarc.conf<\/h4>\n<pre class=\"brush: diff; title: ; notranslate\" title=\"\">\r\n--- \/usr\/local\/share\/doc\/openarc\/openarc.conf.sample    2026-02-04 13:39:15.000000000 +0900\r\n+++ openarc.conf        2026-02-25 14:46:25.758365392 +0900\r\n@@ -13,7 +13,7 @@\r\n ##  Defines the &quot;authserv-id&quot; token to be used when generating\r\n ##  Authentication-Results headers after message verification.\r\n\r\n-# AuthservID           example.com\r\n+AuthservID             mail.example.net\r\n\r\n ##  AutoRestart { yes | no }\r\n ##     default &quot;no&quot;\r\n@@ -54,7 +54,7 @@\r\n ##  operation.  Thus, cores will be dumped here and configuration files\r\n ##  are read relative to this location.\r\n\r\n-# BaseDirectory                \/var\/run\/opendkim\r\n+BaseDirectory          \/var\/run\/milteropendkim\r\n\r\n ##  Canonicalization hdrcanon&#x5B;\/bodycanon]\r\n ##     default &quot;simple\/simple&quot;\r\n@@ -63,7 +63,7 @@\r\n ##  omitted, &quot;simple&quot; is used.  Valid values for each are &quot;simple&quot; and\r\n ##  &quot;relaxed&quot;.\r\n\r\n-# Canonicalization     simple\/simple\r\n+Canonicalization               relaxed\/relaxed\r\n\r\n ##  ChangeRootDirectory directory\r\n ##\r\n@@ -77,7 +77,7 @@\r\n ##  Specify the domain to use when generating ARC header fields.  Must\r\n ##  be specified for signing.\r\n\r\n-Domain                 example.com\r\n+Domain                 example.net\r\n\r\n ##  EnableCoredumps { yes | no }\r\n ##     default &quot;no&quot;\r\n@@ -121,7 +121,7 @@\r\n ##  SigningTable and KeyTable are used.  No default; must be specified for\r\n ##  signing if SigningTable\/KeyTable are not in use.\r\n\r\n-KeyFile                        \/var\/db\/dkim\/example.private\r\n+KeyFile                        \/var\/db\/dkim\/mail.private\r\n\r\n ## FinalReceiver { yes | no }\r\n ##      default &quot;no&quot;\r\n@@ -129,7 +129,7 @@\r\n ## If set, causes this filter to pass chain signatory information downstream for\r\n ## local policy evaluation in the event of an authentication failure.\r\n\r\n-FinalReceiver { yes | no }\r\n+FinalReceiver                  yes\r\n\r\n ##  MaximumHeaders n\r\n ##\r\n@@ -157,7 +157,7 @@\r\n ##  InternalHosts list; connections from internal hosts will be assigned to\r\n ##  signing mode, and all others will be assigned to verify mode.\r\n\r\n-# Mode                 sv\r\n+Mode                   sv\r\n\r\n ##  OversignHeaders (string)\r\n ##     default (none)\r\n@@ -175,7 +175,7 @@\r\n ##  or domain names whose mail should be neither signed nor verified by this\r\n ##  filter.  See man page for file format.\r\n\r\n-# PeerList             filename\r\n+PeerList               \/usr\/local\/etc\/mail\/PeerList\r\n\r\n ##  PidFile filename\r\n ##     default (none)\r\n@@ -183,7 +183,7 @@\r\n ##  Name of the file where the filter should write its pid before beginning\r\n ##  normal operations.\r\n\r\n-# PidFile              filename\r\n+PidFile                \/var\/run\/milteropenarc\/pid\r\n\r\n ##  SealHeaderChecks filename\r\n ##     default (none)\r\n@@ -207,7 +207,7 @@\r\n ##  The name of the selector to use when signing.  No default; must be\r\n ##  specified for signing.\r\n\r\n-Selector               my-selector-name\r\n+Selector               mail\r\n\r\n ##  SignatureAlgorithm signalg\r\n ##     default &quot;rsa-sha256&quot;\r\n@@ -235,7 +235,7 @@\r\n ##  inet:port                  to listen on all interfaces\r\n ##  local:\/path\/to\/socket      to listen on a UNIX domain socket\r\n\r\n-Socket                 inet:port@localhost\r\n+Socket                 local:\/var\/run\/milteropenarc\/socket\r\n\r\n ##  SoftwareHeader { yes | no }\r\n ##     default &quot;no&quot;\r\n@@ -277,4 +277,4 @@\r\n ##  Change to user &quot;userid&quot; before starting normal operation?  May include\r\n ##  a group ID as well, separated from the userid by a colon.\r\n\r\n-# UserID               userid\r\n+UserID                 mailnull:mailnull\r\n<\/pre>\n<h3>Sendmail\u306e\u8a2d\u5b9a<\/h3>\n<h4>\/etc\/mail\/sendmail.cf<\/h4>\n<pre class=\"brush: diff; title: ; notranslate\" title=\"\">\r\n- O InputMailFilters=dkim-milter, dmarc-milter\r\n+ O InputMailFilters=dkim-milter, arc-milter, dmarc-milter\r\n+ Xarc-milter, S=local:\/var\/run\/milteropenarc\/socket, F=T, T=R:2m\r\n<\/pre>\n<h2>\u53c2\u8003<\/h2>\n<ul>\n<li><a href=\"https:\/\/www.next-hop.net\/blog\/hiraga\/freebsd\/install-opendkim\/\">OpenDKIM\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>\u524d\u63d0 OS: FreeBSD MTA: Sendmail OpenDKIM\u7a3c\u50cd\u6e08\u307f Milter\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb pkg install -y openarc sysrc milteropenarc_enable=YES \u2026 <span class=\"read-more\"><a href=\"https:\/\/www.next-hop.net\/blog\/hiraga\/freebsd\/install-openarc\/\">\u7d9a\u304d\u3092\u8aad\u3080 &raquo;<\/a><\/span><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3],"tags":[],"class_list":["post-3132","post","type-post","status-publish","format-standard","hentry","category-freebsd"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/posts\/3132"}],"collection":[{"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/comments?post=3132"}],"version-history":[{"count":9,"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/posts\/3132\/revisions"}],"predecessor-version":[{"id":3146,"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/posts\/3132\/revisions\/3146"}],"wp:attachment":[{"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/media?parent=3132"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/categories?post=3132"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.next-hop.net\/blog\/hiraga\/wp-json\/wp\/v2\/tags?post=3132"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}