Zbigniew Szalbot a écrit :
> Hello,
>
> I used to have a working setup where all outgoing mail, including
> mailman, was being signed. However, I decided to stop using maia for
> content scanning (most of my mail is variuos subscriptions sent to
> outside users) and just sign the outgoing mail with DKIM.
>
> So I changed the entry in main.cf to say this:
> smtpd_milters = inet:127.0.0.1:4445
> non_smtpd_milters = inet:127.0.0.1:4445
>
> This does what I want as DKIM-filter is listening on port 4445 and is
> indeed singing outgoing mail. However, I am not sure why, mailman lists
> emails are no longer being signed.
>
> Here is the entry in mailman that I have been using all the time.
>
> mailman unix - n n - - pipe
> flags=FR user=mailman:mailman
> argv=/usr/local/mailman/postfix-to-mailman.py
> ${nexthop} ${user}
> -o milter_macro_daemon_name=ORIGINATING
> -o smtpd_milters=inet:127.0.0.1:4445
>
you can repeat
-o milter_macro_daemon_name=ORIGINATING
666 times, there is no chance that this will add dkim signing code in
"pipe" or "/.../...mailman.py".
if you want your mail to be signed, get it go via something that signs
mail.
but why do you want to sign mailman (resent) mail? do you really think
it will help you?
> And it has always worked well but not anymore. I mean the outgoing mail
> is not being signed.
most of that outgoing mail has been generated by remote systems. the
best you can do is preserve their signature (by not adding footer not
munging reply-to headers). but given the amount of "invalid yahoo" mail
I see, I lost hope in trying to preserve such sigs.
> Is there any apparent flaw in my setup? I guess
> there is but I would appreciate if you could give me some pointers.
>
> I am using postfix-2.5.6,1 on a FreeBSD 7.2 system.
>
