I would like to add opendmarc for DMARC checking of inbound emails but it looks like it's only available as a milter. Unfortunately, last time I'v checked, milter couldn't modify emails when used in a before-queue content filtering setup, and they only have access to the message envelop IIRC.
On 22 févr. 2019, at 23:20, Andrey Repin <anrdae...@yandex.ru> wrote: Milters don't have access to queue ID, before they run before queue. But most certainly they can modify message. spamass-milter does that just fine for me. So does OpenDKIM for message signing.
On 23.02.19 18:30, Patrick Proniewski wrote:
It simply does not work. Here is my front-most smtp setup: smtpd pass - - n - - smtpd -o smtpd_proxy_filter=127.0.0.1:10024 -o smtpd_client_connection_count_limit=10 -o disable_mime_output_conversion=yes -o smtpd_milters=unix:/var/milter-greylist/milter-greylist.sock,inet:localhost:8893 -o non_smtpd_milters=inet:localhost:8893
I might still be mistaken, but the official documentation of Postfix states (bottom of <http://www.postfix.org/MILTER_README.html>): "When you use the before-queue content filter for incoming SMTP mail (see SMTPD_PROXY_README), Milter applications have access only to the SMTP command information; they have no access to the message header or body, and cannot make modifications to the message or to the envelope." It appears to me that with my current setup opendmarc will not work, but still, I can read it wrong…
I believe you read it correctly, and I found it interesting that something is documented, behaves like documented and yet you wonder about it. I also believe you can use multiple milters (amavisd-milter with others). Also, amavisd-new can be used for DKIM signing. It also supports SPF via spamassassin rules. btw I would consider replacing milter-greylist with postscreen. http://www.postfix.org/POSTSCREEN_README.html Thus you could reduce number of third party software and complexity of your mail server setup. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. WinError #98652: Operation completed successfully.
