Properly compile OpenDKIM on Alpine

## Background Hello, [OpenDKIM](http://www.opendkim.org/docs.html) is available on the [official apk repository](https://git.alpinelinux.org/aports/tree/community/opendkim/APKBUILD) , but does not include important configuration flags I need such as --with-odbx and --with-sql-backend. I was able to compile it relatively easily. *However*, the resulting OpenDKIM binary cannot verify DKIM headers since it does not support RSA-SHA256. I found this odd since apk add opendkim *does* support RSA-SHA256. ## Question How can I compile OpenDKIM on Alpine 3.14 with these additional configuration flags *and* still have support for RSA-SHA256? ## Steps to reproduce First, I pre-downloaded OpenDKIM 2.11.0-Beta2 and OpenDBX 1.4.6 into a packages folder.

mkdir packages
wget -P packages \
  https://github.com/trusteddomainproject/OpenDKIM/archive/refs/tags/2.11.0-Beta2.tar.gz  \ 
  http://linuxnetworks.de/opendbx/download/opendbx-1.4.6.tar.gz 

Then I wrote this Dockerfile, based mainly on the [APKBUILD file](https://git.alpinelinux.org/aports/tree/community/opendkim/APKBUILD) .

FROM alpine:3.14

COPY packages /opt/data

RUN apk add --no-cache \
    alpine-sdk \
    automake \
    autoconf \
    db-dev \
    libtool \
    mariadb-dev \
    readline-dev \
  && cd /opt/data \
  && tar xzf opendbx-1.4.6.tar.gz \
  && cd opendbx-1.4.6/ \
  && CPPFLAGS="-I/usr/include/mysql" ./configure --with-backends="mysql" \
  && make install

RUN apk add --no-cache \
    openssl-dev \
    libmilter-dev \
  && cd /opt/data \
  && tar xzf 2.11.0-Beta2.tar.gz \
  && cd OpenDKIM-2.11.0-Beta2 \
  && autoreconf -vif \
  && ./configure \
    --sysconfdir=/etc/opendkim \
    --with-odbx \
    --with-openssl=/usr/lib \
    --with-sql-backend \
  && make \
  && make install

Then I built and ran the docker image:

docker build -t opendkim-alpine .
docker run opendkim-alpine opendkim -V

Notice rsa-sha256 is missing from the "Supported signing algorithms. Compare to the output here:

docker run alpine:3.14 ash -c 'apk add opendkim && opendkim -V'

## Notes - ./configure failed to complete with an error that libssl could not be found until I specified --with-openssl=/usr/lib. I think this may hint that I need to pass LDFLAGS or CFLAGS, but I don't know what those should be. - [Debian Buster *does* include the compilation flags I need](https://packages.debian.org/buster/opendkim) . - In the APKBUILD file, I have no idea what the values of CFLAGS are and I couldn't easily figure out what default_prepare does. It seems relatively opaque and difficult to find the answers to these questions except by experiment. - I've seen [other attempts](https://github.com/LordVeovis/docker-opendkim/blob/master/Dockerfile) which create an entire alpine build environment and use sed to modify the APKBUILD file to include extra flags. This seemed like overkill. - For Googlers, the error message I get when trying to run opendkim in verify mode is opendkim: verify mode requires rsa-sha256 support.