Re: Struggling with DKIM signing

Tue, 05 Nov 2024 07:01:48 -0800 



On 05/11/2024 14:39, Nick Howitt wrote:

On 05/11/2024 14:27, Damian wrote:

Thanks very much. I had tried adding "-o content_filter=smtp-amavis: 
[127.0.0.1]:10024" to master.cf but only reloaded postfix. I removed 
it when it didn't work. 



Are you sure about the 10024? That is the standard Amavis port. If you 
use the same port for externally inbound emails, they will be falsely 
declared as originating.



Ok, I have more studying to do. I see there is a Configuring Multiple 
Paths section which I guess I'll have to read.

For the Postfix bit, I already have:
#=====================================================================
# Global antivirus/antispam pre-filter (Amavis)
#=====================================================================
smtp-amavis  unix -     -       n       -       5       smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20
# SMTP interface for injecting mail into Amavis
127.0.0.1:10025 inet n  -       n       -       -  smtpd
    -o content_filter=smtp-amavis:[127.0.0.1]:10024
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o smtpd_authorized_xforward_hosts=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
#=====================================================================
# Mail re-injection (after pre-filtering)
#=====================================================================
127.0.0.1:10026 inet n  -       n       -       -  smtpd
    -o content_filter=
    -o smtpd_restriction_classes=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o mynetworks=127.0.0.0/8
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0



Do I just duplicate the two sections starting 127.0.0.1, changing the 
ports but leave the first smtp-amavis section?





















					Reply via email to