vedetta-com / caesonia

OpenBSD Email Service
ISC License

Not possible to cryptographically sign outbound Autocrypt metadata via DKIM #125

Open horia opened 5 years ago

horia commented 5 years ago

We must DKIM-sign the user-provided Autocrypt header, to follow Autocrypt.org Best Practices for E-mail Service Providers.

DKIMproxy has hard-coded signed headers (and it's not signing Autocrypt headers).

Until OpenSMTPD filters (smtpfd) land in OpenBSD (6.5?), we might be stuck with DKIMproxy, instead of signing with Rspamd.
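A check for the gap described above, as an added example that is not part of the original thread or the project's code: it parses a sent message and reports whether any DKIM-Signature lists Autocrypt in its `h=` tag. The sample messages, the example.org addresses and the placeholder signature values are constructed.

```python
import email
from email import policy

# Constructed sample message; bh=/b=/keydata are placeholders, not real values.
TEMPLATE = (
    b"DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.org;\r\n"
    b"\ts=sel; h=%s;\r\n"
    b"\tbh=PLACEHOLDER=; b=PLACEHOLDER=\r\n"
    b"From: alice@example.org\r\n"
    b"To: bob@example.net\r\n"
    b"Subject: test\r\n"
    b"Date: Mon, 01 Jan 2024 00:00:00 +0000\r\n"
    b"Autocrypt: addr=alice@example.org; keydata=PLACEHOLDER\r\n"
    b"\r\nbody\r\n"
)
# Signer with a fixed header list that omits Autocrypt.
WITHOUT_AUTOCRYPT = TEMPLATE % b"from:to:subject:date"
# Signer that covers Autocrypt; the h= value is folded across two lines.
WITH_AUTOCRYPT = TEMPLATE % b"from:to:subject:\r\n\t date:autocrypt"


def signed_headers(raw):
    """Return one set of lowercase header names per DKIM-Signature (its h= tag)."""
    msg = email.message_from_bytes(raw, policy=policy.compat32)
    result = []
    for value in msg.get_all("DKIM-Signature", []):
        tags = {}
        for part in str(value).split(";"):
            name, sep, val = part.partition("=")  # first "=" only: b= holds base64
            if sep:
                # Header folding may insert whitespace inside a tag value.
                tags[name.strip().lower()] = "".join(val.split())
        result.append({h.lower() for h in tags.get("h", "").split(":") if h})
    return result


def autocrypt_is_signed(raw):
    """True only if the message has an Autocrypt header and a signature lists it.

    This checks coverage in h= only; it does not verify the signature itself.
    """
    msg = email.message_from_bytes(raw, policy=policy.compat32)
    if not msg.get_all("Autocrypt"):
        return False
    return any("autocrypt" in names for names in signed_headers(raw))


if __name__ == "__main__":
    for label, raw in (("fixed list", WITHOUT_AUTOCRYPT), ("with autocrypt", WITH_AUTOCRYPT)):
        print(label, "->", "signed" if autocrypt_is_signed(raw) else "NOT signed")
```
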

ghost commented 3 years ago

Is there an update here? I would like to get rid of DKIMproxy.

horia commented 3 years ago

The configuration needs an update to use mail/opensmtpd-filters/rspamd to DKIM-sign with mail/rspamd, and drop mail/dkimproxy.

ghost commented 3 years ago

I updated my configuration to use mail/opensmtpd-filter-dkimsign instead of mail/rspamd and it seems to work for now. But I have only been using it for a few days now.

hcl commented 3 years ago

I have made a working example smtpd.conf to replace the DKIMProxy with opensmtpd-filter-dkimsign for reference.

https://github.com/hcl/caesonia/blob/replace-dkimproxy/src/etc/mail/smtpd.conf

Katzeilla commented 3 years ago

@hcl

Looks good to me, will test this on my setup :)