Viktor Dukhovni:
> On Mon, Feb 18, 2019 at 09:07:36PM +0300, Andrey Repin wrote:
>
> > > Maybe that should have finer granularity: it may be OK to inspect
> > > bounces with Milters, but it may not be OK with header/body_checks.
> >
> > Yes, I see how this can be a problem.
> > Is there a way around it? How are the bounces/notifications introduced to
> > the queue? May be some parameter there could enable just the necessary
> > processing? Or may be the queue itself could run the signer somehow?
>
> In a multi-instance configuration, with a network-facing input
> instance that rejects bad input, and a null-client for local
> submisison feeding an output instance for outbound mail that does
> signing and the like, and an inbound instance that delivers to your
> domains, the separation of duties makes it unnecessary to enable
> signing on bounces. Perhaps that's more complex to initially
> configure than you had in mind, but it is IMHO ultimately easier
> to manage once configured, because of reduced conflict between the
> requirements for the various flows.
There is no need to sign bounces for email that you don't receive
but what about non-delivery notifications for mail that is accepted
and then later found to be undeliverable?
Wietse
