I've a postfix instance accepting mail submission from internal clients.
The configuration includes a DKIM signer
[int.mx.example.com]:465 inet n - n - - smtpd
...
-o smtpd_milters=unix:/run/dkimpy-milter/dkimpy-milter.sock
-o milter_macro_daemon_name=DKIM_ORIGINATING
...
It signs outbound as expected.
I'd like to all dkim interaction/processing for a single internal sender
(sen...@some.domain.com); ideally excluding it from pass to outbound milter at
all.
In docs
smtpd_milter_maps (default: empty)
Lookup tables with Milter settings per remote SMTP client IP
address. The lookup result overrides the smtpd_milters setting, and has the
same syntax.
Note: lookup tables cannot return empty responses. Specify a
lookup result of DISABLE (case does not matter) to indicate that Milter support
should be disabled.
Example to disable Milters for local clients:
/etc/postfix/main.cf:
smtpd_milter_maps = cidr:/etc/postfix/smtpd_milter_map
smtpd_milters = inet:host:port, { inet:host:port, ...
}, ...
/etc/postfix/smtpd_milter_map:
# Disable Milters for local clients.
127.0.0.0/8 DISABLE
192.168.0.0/16 DISABLE
::/64 DISABLE
2001:db8::/32 DISABLE
This feature is available in Postfix 3.2 and later.
provides an exclusion mechanism -- but, iiuc, ONLY (?) for "lookup tables ... per
remote SMTP client IP address".
I _can_ setup the sender to use an new/different smtpd listener in postfix
config.
Or, I can modify the DKIM signer (dunno yet if that's in code, or in config).
Certainly doable, tho a bit kludgy.
Is there a postfix exclusion map mechanism that'll safely work with a
sender/email lookup?
