On 09/05/2022 12:48, Matt Kinni wrote:
I have opendkim configured via 'smtpd_milters' to sign all outbound
mail, and my domain publishes a "quarantine" dmarc record to enforce the
consequences of this.
I recently discovered that MAILER-DAEMON messages generated by postfix
itself bypass this setup and do /not/ get signed, which unfortunately
results in legitimate DSNs being filtered into the sender's spam/junk
mail folder due to the dmarc policy (I confirmed this with gmail).
If you are using DMARC I assume you have also setup SPF correctly, so
that DMARC should pass even if your messages are not DKIM signed.
Maybe you can explain what you mean with "I confirmed this with gmail",
as it's generally very hard to confirm *anything* with gmail, i.e. the
reason why a certain mail will be rejected or land in junk.
Cheers,
Bernardo
