aliases break dkim signing

Wed, 10 Apr 2024 13:15:51 -0700 

I'm running into an issue where I'm trying to make all email sent to some
accounts on my mail server be automatically sent to my gmail account, but
any mail sent to those accounts fails gmail's dkim checks. dkim passes when
sending mail to my gmail account with sendmail, so I don't have broken dns
records or something.
I'm not sure how to get the dkim signing filter to run after aliases have
been applied, or how to get aliases to apply to the From header as well
(which I'm guessing is the problem).

Jacob

/etc/aliases:
postmaster:    programmerj...@gmail.com
root:          programmerj...@gmail.com
abuse:         programmerj...@gmail.com
jacob:         programmerj...@gmail.com

/etc/smtpd.conf:
pki mail.my.domain cert "/etc/letsencrypt/live/my.domain/fullchain.pem"
pki mail.my.domain key "/etc/letsencrypt/live/my.domain/privkey.pem"

filter check_dyndns phase connect match rdns regex { '.*\.dyn\..*',
'.*\.dsl\..*' } \
    disconnect "550 no dyndns"

filter check_rdns phase connect match !rdns \
    disconnect "550 no PTR record"

filter check_fcrdns phase connect match !fcrdns \
    disconnect "550 no PTR record doesn't match forward record"

filter rspamd proc-exec "filter-rspamd"

filter dkimsign proc-exec "filter-dkimsign -d my.domain -s 1 -k
/etc/mail/dkim/my.domain.key" user _dkimsign group _dk
imsign

table aliases file:/etc/aliases
table userinfo file:/etc/mail/userinfo

# To accept external mail, replace with: listen on all
#
listen on 0.0.0.0 tls pki mail.my.domain \
    filter { check_dyndns, check_rdns, check_fcrdns, rspamd }
listen on :: tls pki mail.my.domain \
    filter { check_dyndns, check_rdns, check_fcrdns, rspamd }

listen on 0.0.0.0 port submission tls-require pki mail.my.domain auth
filter { rspamd, dkimsign }
listen on :: port submission tls-require pki mail.my.domain auth filter {
rspamd, dkimsign }

listen on socket filter dkimsign

action "local_mail" maildir junk alias <aliases> userbase <userinfo>
action "outbound" relay helo mail.my.domain

# Uncomment the following to accept external mail for domain "example.org"
#
# match from any for domain "example.org" action "local"
match from any for domain "my.domain" action "local_mail"
match for local action "local_mail"

match from any auth for any action "outbound"
match for any action "outbound"

Reply via email to