[Rspamd-Users] How to allow only one domain to use rspamd?
L. Jankok
ljankok at gmail.com
Mon Apr 8 18:05:13 UTC 2019
Op ma 8 apr. 2019 om 17:28 schreef P.V.Anthony <anthony at mindmedia.com.sg>:
> On 6/4/19 3:13 PM, P.V.Anthony wrote:
>
> > I am trying to learn how to use rspamd. The email server has multiple
> > domains. A domain has been setup for testing rspamd.
> >
> > Need to know how to setup rspamd to be active only on one domain.
>
> I just could not get the settings.conf to work. So I tried
> multimap.conf. Managed to get it to bypass all the domains with the
> following rule in multimap.conf.
>
> DOMAIN_BYPASS {
> type = "rcpt";
> filter = "email:domain";
> map = "/etc/rspamd/local.d/domain_bypassed.map";
> prefilter = true;
> action = "accept";
> regexp = true;
> }
>
> map contains the following ^.*$
>
> This is bypassing all the domains.
>
> Now I am stuck. How to get one domain to use the rspamd?
>
> I tried the following rule in multimap.conf which was placed above
> DOMAIN_BYPASS but it just does not work. It is still getting bypassed.
>
> DOMAIN_ALLOW {
> type = "rcpt";
> filter = "email:domain";
> map = "/etc/rspamd/local.d/domain_allow.map";
> }
>
> Need advice on how to get one domain to use rspamd. Please advice.
>
> P.V.Anthony
>
> --
First:
/usr/local/etc/rspamd/local.d]$ more dkim_signing.conf
auth_only = true;
sign_local = true;
try_fallback = false;
use_domain_sign_networks = "envelope";
use_domain_sign_local = "envelope";
path_map = "/usr/local/etc/rspamd/local.d/dkim_paths.map";
selector_map = "/usr/local/etc/rspamd/local.d/dkim_selectors.map";
sign_networks = "/usr/local/etc/rspamd/local.d/sign_networks.map";
allow_username_mismatch = true;
Second:
domaina.net /var/db/rspamd/dkim/$selector.key
domainb.net /var/db/rspamd/dkim/$selector.key
domainc.net /var/db/rspamd/dkim/$selector.key
Third:
domaina.net mail
domainb.net mail
domainc.net mail
Fourth:
10.20.30.40/32
192.168.169.170/32
You can mix and match or keep it simple.
Sign_network works really well when you act as a mail relay.
Next, you can use 1 private key and 1 selector for all domains.
More information about the Users
mailing list