On Mon, Feb 18, 2019 at 09:07:36PM +0300, Andrey Repin wrote:
> > Maybe that should have finer granularity: it may be OK to inspect
> > bounces with Milters, but it may not be OK with header/body_checks.
>
> Yes, I see how this can be a problem.
> Is there a way around it? How are the bounces/notifications introduced to
> the queue? May be some parameter there could enable just the necessary
> processing? Or may be the queue itself could run the signer somehow?
In a multi-instance configuration, with a network-facing input
instance that rejects bad input, and a null-client for local
submisison feeding an output instance for outbound mail that does
signing and the like, and an inbound instance that delivers to your
domains, the separation of duties makes it unnecessary to enable
signing on bounces. Perhaps that's more complex to initially
configure than you had in mind, but it is IMHO ultimately easier
to manage once configured, because of reduced conflict between the
requirements for the various flows.
--
Viktor.
