HI Ralf, Am 24.11.2017 um 17:16 schrieb Ralf Hildebrandt:
> I was testing this with 2.11.0 - went back to 2.10.1 and the expected > behaviour was restored ( mail from !MYNETS is not being DKIM signed). Did I understood "your problem right"? Someone send from a foreign IP a message to your MX on port 25 with a faked "mail from:<>" and/or "From: "-header to an outgoing recipient and your AMaVis signed this message with DKIM? right? That sounds very strange and ugly. As I noticed, that AMaViS 2.11.0 is only signing mails with "originating =>1" if I set up AMaVis for both (signing and verifying DKIM), I 'm not sure if AMaViS is still the best tool for all the ASAV-related stuff on my mailservers. What 'bout rspamd? Do you thing this could replace AMaViS? ttyl Django