[Rspamd-Users] DKIM signing not working
Gerald Galster
list+rspamd at gcore.biz
Mon Jun 26 23:35:18 UTC 2023
> The email originates from a dynamically changing set of IPs.
> The send process is granted by postfix already; do you have any hint how to get this info to milter/rspamd?
> Are there any parameters to pass in the config:
>
> smtpd_milters = inet:localhost:11332
> non_smtpd_milters = inet:localhost:11332
This is all there is to configure in postfix.
I guess you're not using sasl auth then, otherwise it would just work.
To verify, see if your maillog contains lines with sasl_username.
In case it does you might try to add the following to postfix' main.cf
after your non_smtpd_milters.
milter_default_action = accept
milter_protocol = 6
There are two options:
- configure your servers to authenticate via sasl at postfix
- configure rspamd to know your local ips (sign_local, sign_networks, ...)
https://rspamd.com/doc/modules/dkim_signing.html
# Map file of IP addresses/subnets to consider for signing
# sign_networks = "/some/file"; # or url
# Domain to use for DKIM signing when sender is in sign_networks ("header"/"envelope"/"auth")
#use_domain_sign_networks = "header";
...
Best regards,
Gerald
>> Am 25.06.2023 um 16:10 schrieb Gerald Galster <list+rspamd at gcore.biz>:
>>
>>> My /etc/rspamd/local.d/dkim_signing.conf:
>>> sign_authenticated = true;
>>
>> Where does the email originate from and is it sasl authenticated or
>> ip authenticated (sign_local, sign_networks, ...)?
>>
>> Is rspamd integrated via postfix and milter? If so, is authentication
>> successful in postfix so that milter macros authen_* will be transmitted?
>>
>>> domain {
>>> domain1.com {
>>> path = "/var/lib/rspamd/dkim/domain1.com.dkim.key";
>>> selector = "dkim";
>>> }
>>> domain2.com {
>>> path = "/var/lib/rspamd/dkim/domain2.com.dkim.key";
>>> selector = "dkim";
>>> }
>>> domain3.com {
>>> path = "/var/lib/rspamd/dkim/domain3.com.dkim.key";
>>> selector = "dkim";
>>> }
>>> }
>>
>> Those seem to be configured the same way. Default configuration would
>> be sufficient:
>>
>> # Default path to key, can include '$domain' and '$selector' variables
>> path = "/var/lib/rspamd/dkim/$domain.$selector.key";
>>
>> # Default selector to use
>> selector = "dkim";
>>
>> Best regards
>> Gerald
>> --
>> Users mailing list
>> Users at lists.rspamd.com
>> https://lists.rspamd.com/mailman/listinfo/users
>
> --
> Users mailing list
> Users at lists.rspamd.com
> https://lists.rspamd.com/mailman/listinfo/users
More information about the Users
mailing list