Matus UHLAR - fantomas:
> From what I remember, milter running within instance that does canonical
> mapping does NOT see the mapping results, at least for envelope sender
> address, so for DKIM-signing outgoing mail via opendkim I've had to
> implement anotger instance that takes canonicalized e-mail and signs it.
With this:
main.cf:
local_header_rewrite_clients = permit_mynetworks,
permit_sasl_authenticated, permit_tls_clientcerts
A single Postfix instance should be able to:
- Canonicalize envelopes and headers, and sign DKIM.
- Not canonicalize headers, do canonicalize envelopes, and verify DKIM.
My single server has "local_header_rewrite_clients = permit_mynetworks"
because it does not have submission/smtps clients on random IP addresses.
Wietse
