Awesome!! This worked, thanks a lot!
On 23/05/2021 14:57, Thomas Bohl wrote:
>
> Am 23.05.2021 um 12:32 schrieb flipchan:
>> Yeah, it was all working until I upgraded to 6.8, can someone else
>> that is running opensmtpd with dkim send me their smtpd.conf? I
>> assume I have written some rule wrong, not sure where doe
>
> The config is all over the place. There is the rspamd filter and there
> is DKIM tagging with a match rules order that can't reach the tagging.
> It's like Martijn van Duren said, you are clearly using rspamd and not
> dkimproxy_out, which means your debugging is way off.
>
>
> But thinks got easier anyway. Please install filter-dkimsign.
> # pkg_add opensmtpd-filter-dkimsign
> Remove everything dkim and rspamd from your current smtpd.conf.
>
> Add
>
> filter "dkimsg" proc-exec "filter-dkimsign -d example.com -s default \
> -k /var/dkimproxy/default.private -c relaxed/relaxed" \
> user _dkimsign group _dkimsign
>
> and edit the line
>
> listen on vio0 port 587 hostname example.com tls-require pki
> mail.example.com auth filter "rspamd"
>
> to
>
> listen on vio0 port 587 hostname example.com tls-require pki
> mail.example.com auth filter "dkimsg"
>
>
> Or
> # cat /etc/mail/smtpd.conf
> table aliases file:/etc/mail/aliases
>
> pki mail.example.com cert "/etc/ssl/mail.example.com.crt"
> pki mail.example.com key "/etc/ssl/private/mail.example.com.key"
>
> filter "dkimsg" proc-exec "filter-dkimsign -d example.com -s default \
> -k /var/dkimproxy/default.private -c relaxed/relaxed" \
> user _dkimsign group _dkimsign
>
> listen on vio0 port 587 hostname example.com tls-require pki
> mail.example.com auth filter "dkimsg"
> listen on vio0 port 25 hostname example.com tls pki mail.example.com
>
> action "mbox" mbox alias <aliases>
> action "relay" relay
>
> match from any for domain example.com action "mbox"
> match for local action "mbox"
> match auth from any for any action "relay"
>
>
> If you really need rspamd for spam filtering add it back in and add
> the filter only to "listen on vio0 port 25". Otherwise uninstall it,
> since even in "standby" it produces lots of DNS traffic.
>
> HTH
>
No comments:
Post a Comment