Dnia 31.10.2019 o godz. 12:16:56 linkcheck pisze: > > What changes to main/master do I need to make in order to DKIM sign all mail > once only, preferably before spamassassin?
Not long ago I asked a similar question here. The best answer is to use spamassassin as a milter, not as a post-queue content filter as you have (and as I had). After I changed configuration to run spamassassin as milter, everything is signed only once. This is the relevant part of my config: main.cf: smtpd_milters = inet:localhost:10025, unix:spamass/spamass.sock non_smtpd_milters = inet:localhost:10025 (DKIM is running on localhost:10025) master.cf: submission inet n - - - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING -o smtpd_milters=inet:localhost:10025 As you can see, I don't run spamassassin on outgoing mail (either submitted via /usr/sbin/sendmail or via submission port - in both cases there is only DKIM specified in milters, and spamassassin is run only for smtpd. If you want to run spamassassin for outgoing mail too, you should add unix:spamass/spamass.sock to non_smtpd_milters as well and remove the "-o smtpd_milters=..." line from aobove master.cf entry. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub."
