How to implement signature (using alertMIME) and signing
Noel Jones
njones at megan.vbhcs.org
Mon Dec 19 21:14:56 CET 2011
On 12/18/2011 11:18 PM, Pandu Poluan wrote:
> Hello list,
>
> I'm planning to implement a 'signing' mail server, i.e., a mail
> server that adds a signature (disclaimer, actually) plus DKIM signature.
>
> The latter I know can be performed by amavis, while the former
> performed by alertMIME.
>
> The issue that makes this complicated is that I also want to utilize
> greylisting (using Postfix's postscreen) and spamfiltering (just in
> case the external accounts got cracked).
>
> I'm guessing the order of processing would be:
>
> 1. TLS
> 2. postscreen greylisting
DO NOT use postscreen or greylisting on authorized external mail.
To protect against cracked accounts, use postfwd or policyd to
implement rate limits.
> 3. spamfiltering
The usefulness of spam filtering on authorized external mail is
debatable, so decide for yourself if you really need it.
But virus scanning is a good idea. Again, rate limits are a better
defense.
Both virus and spam scanning are already handled by amavisd-new.
> 4. disclaimer append
> 5. DKIM sign
Disclaimers and DKIM signing can be done in amavisd-new, and much
easier than implementing them separately. Doing them in amavisd-new
eliminates the question of "order", since it's handled correctly for
you.
-- Noel Jones
More information about the amavis-users
mailing list