e. I like having my own server and managing the install from
the operating system up, so maybe I just have to live with some spam filtering
of our outgoing email.
> On May 10, 2025, at 2:29 PM, Wietse Venema via Postfix-users
> wrote:
>
> Matus UHLAR - fantomas via Postfix-use
So continuing the saga ... digging into /etc/postfix/header_checks I found a
revision I made back in January to try to keep our outgoing email from having
headers with the IP address of the email client that sent the email to the
server and maybe keep Gmail from marking our outgoing email as SPA
Woo hoo! I think I found the issue! I'm guessing this is probably an obvious
thing, but I went line by line through my main.cf and found:
mime_header_checks = regexp:/etc/postfix/header_checks
header_checks = regexp:/etc/postfix/header_checks
Not sure when I added those (it's been quite a whil
HI Nick,
I had cut and pasted from the "Raw Source" view in mac Mail, but double checked
in the spool file and those are the headers received in that order.
Thanks,
Ken
> On May 9, 2025, at 7:27 PM, Nick Tait via Postfix-users
> wrote:
>
> On 10/05/2025 08:23, Ken B
28d--
A lot (but not all) of the failed DKIM validation emails are from mailing lists.
-Ken
> On May 9, 2025, at 9:18 AM, Matus UHLAR - fantomas via Postfix-users
> wrote:
>
> On 09.05.25 08:14, Ken Biggs via Postfix-users wrote:
>> Looking at the maillog, I notice policyd-spf
025-05-09 16:18:
>> On 09.05.25 08:14, Ken Biggs via Postfix-users wrote:
>>> Looking at the maillog, I notice policyd-spf is running before opendkim.
>>> Could that be modifying the email before dkim validation?
>> it should not.
>> I use pyspf-milter which is
> If OP uses content filter in front of the mailserver, changing spam filtering
> will not fix the issue.
>
> Dan has already recommended checking DKIM in SpamAssassin to see if it helps.
>
>> On Fri, 9 May 2025, 09:30 Matus UHLAR - fantomas via Postfix-users, <
>> pos
Looking at the maillog, I notice policyd-spf is running before opendkim. Could
that be modifying the email before dkim validation?
> On May 9, 2025, at 8:04 AM, Ken Biggs via Postfix-users
> wrote:
>
> I'm running spamass-milter.
> /etc/mail/spamassassin/v312.pre al
You will want the domain certificate first, then the certificate authority
bundle in a pem file.
> On May 8, 2025, at 6:08 PM, Dan Mahoney via Postfix-users
> wrote:
>
> There’s only one certificate in your chain, you need to send the intermediate
> cert as well.
>
> The cert you’re signing
OpenDKIM is failing signature verification on most incoming emails. Out of
1,146 incoming emails, 173 have been successfully verified and 973 have "bad
signature data". The failing emails include email from google, amazon,
sailthru, and many other reasonably technically capable firms that I w
10 matches
Mail list logo
