Hello,
> On 22 févr. 2019, at 23:20, Andrey Repin <anrdae...@yandex.ru> wrote:
>
>> I would like to add opendmarc for DMARC checking of inbound emails but it
>> looks like it's only available as a milter. Unfortunately, last time I'v
>> checked, milter couldn't modify emails when used in a before-queue content
>> filtering setup, and they only have access to the message envelop IIRC.
>
> Milters don't have access to queue ID, before they run before queue.
> But most certainly they can modify message. spamass-milter does that just fine
> for me. So does OpenDKIM for message signing.
It simply does not work.
Here is my front-most smtp setup:
smtpd pass - - n - - smtpd
-o smtpd_proxy_filter=127.0.0.1:10024
-o smtpd_client_connection_count_limit=10
-o disable_mime_output_conversion=yes
-o
smtpd_milters=unix:/var/milter-greylist/milter-greylist.sock,inet:localhost:8893
-o non_smtpd_milters=inet:localhost:8893
MY.IP:smtp inet n - n - 1 postscreen
I've added `inet:localhost:8893` for OpenDMARC daemon. Restarted Postfix.
Mail comes in, but opendmarc process is just sitting there apparently doing
nothing: I've sent a bunch of emails through it, opendmarc see them as they
pass but will not log anything, will not add anything in it's history file,
will not add any header to the message. I've used ktrace on the process, and
even when the mail is passing through the process is mostly brain-dead: I see
some info about the message, but no DNS requests, no write-back to postfix.
I might still be mistaken, but the official documentation of Postfix states
(bottom of <http://www.postfix.org/MILTER_README.html>):
"When you use the before-queue content filter for incoming SMTP mail (see
SMTPD_PROXY_README), Milter applications have access only to the SMTP command
information; they have no access to the message header or body, and cannot make
modifications to the message or to the envelope."
It appears to me that with my current setup opendmarc will not work, but still,
I can read it wrong…
patrick
