Struggling with DKIM signing
Nick Howitt
nick at howitts.co.uk
Tue Nov 5 18:09:10 CET 2024
On 05/11/2024 16:58, Damian wrote:
>> The submission service still exists, so I should:
>> 1 - get rid of the 127.0.0.1:10026 but from master.cf.
>> 2 - in master.cf change the submission line "-o content_filter=smtp-
>> amavis:[127.0.0.1]:10024" to "-o content_filter=smtp-amavis:
>> [127.0.0.1]:10028" (just to avoid 10026 for now)
>> 3 - in amavis 50-user add:
>> $inet_socket_port = [10024,10028]; # listen on two ports
>> $interface_policy{'10028'} = 'ORIGINATING';
>>
>> And that should do it?
>
> Yes. You should see "ORIGINATING" as part of the "Passed CLEAN" log
> line, and no more "...OpenRelay".
Yes that looks good now, thanks.
I don't see any SPF or DMARC checking in the headers on inbound email
and I am currently researching it. The inbound log looks like:
2024-11-05T16:50:43.961525+00:00 mail-www amavis[3676918]: (3676918-01)
Passed CLEAN {RelayedOpenRelay}, [34.209.113.130]:51018 [34.209.113.130]
<auth-results at verifier.port25.com> -> <nick at howitts.co
.uk>, Queue-ID: BCE6A70E4F6, Message-ID:
<1730825436-993462 at verifier.port25.com>, mail_id: LcyUZ9a6Yz7F, Hits:
1.193, size: 13753, queued_as: E6F3C70E4F7,
dkim_sd=verifier201208:port25.com, 5649 ms
2024-11-05T16:50:43.964107+00:00 mail-www postfix/amavis/smtp[3677470]:
BCE6A70E4F6: to=<nick at howitts.co.uk>, relay=127.0.0.1[127.0.0.1]:10024,
delay=6.4, delays=0.72/0/0.01/5.6, dsn=2.0.0, status=se
nt (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250
2.0.0 Ok: queued as E6F3C70E4F7)
Nothing from ClamAV, pyzor or razor either.
More information about the amavis-users
mailing list