Michael a écrit : > In reference to the following page: > http://dkimproxy.sourceforge.net/postfix-outbound-howto.html > > it includes the following: > submission inet n - n - - smtpd > -o smtpd_etrn_restrictions=reject > -o smtpd_sasl_auth_enable=yes > -o content_filter=dksign:[127.0.0.1]:10027 > -o receive_override_options=no_address_mappings > -o > smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject > > > however I do not send emails from my desktop using port 587, I use port 25 as > standard. > > How could I include the line "-o content_filter=dksign:[127.0.0.1]:10027" in > a > manner where only OUTBOUND emails only are passed through DKIM proxy, and not > incoming emails? Yes, I am well aware that SMTP does not draw a distinction > between the 2, but I am thinking there must be a way, or do I have to send > emails via a port other then 25 to achieve this? >
better move to 587, which is the standard submission port. If you insist (but once again, 587 is simpler and brings other benefits), you can still use the FILTER statement in an access check: smtpd_client_restrictions = check_client_access pcre:/etc/postfix/filter_trusted permit_mynetwork permit_sasl_authenticated check_client_access pcre:/etc/postfix/filter_default == filter_trusted /./ FILTER filter:[127.0.0.1]:10586 == filter_default /./ FILTER filter:[127.0.0.1]:10024 note that with this, content_filter settings are unused. > On this topic has anyone found a good DKIM signing solution that will work > with multiple domains? If you are not happy with dkim-proxy, you can try dkim-milter or amavisd-new.