Hi Mark, > Authentication-Result header field is only added for local recipients. > Perhaps your mailing list's domain is not considered local?
I just reply to this issue right now, because I think it might be crucial for diagnosing the rest. :-) I just tried sending, with the configuration as shown before, from the SMTP via port 587, from user1@domain to user2@domain. This results in the following headers: == Delivered-To: [email protected] Received: from localhost (localhost [127.0.0.1]) by server1.mydomain.tld (Postfix) with ESMTP id B2BFF1BF21FA for <[email protected]>; Wed, 19 Jan 2011 13:27:31 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d= mydomain.tld; h=content-transfer-encoding:content-type :content-type:subject:subject:mime-version:user-agent :organization:from:from:date:date:message-id:received:received; s=20110105; t=1295440049; bh=... X-Virus-Scanned: amavisd-new at server1.mydomain.tld X-Spam-Flag: NO X-Spam-Score: -2.9 X-Spam-Level: X-Spam-Status: No, score=-2.9 tagged_above=-999 required=5.5 tests=[ALL_TRUSTED=-1, BAYES_00=-1.9] autolearn=ham Received: from server1.mydomain.tld ([127.0.0.1]) by localhost (server1.mydomain.tld [127.0.0.1]) (amavisd-new, port 10026) with LMTP id q3qmjkWVTU+p for <[email protected]>; Wed, 19 Jan 2011 13:27:29 +0100 (CET) Received: from myclient.remotenet (1-2-3-4.dialup.myisp.tld [1.2.3.4]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: floeff) by server1.mydomain.tld (Postfix) with ESMTPSA id 073281BF21EE for <[email protected]>; Wed, 19 Jan 2011 13:27:28 +0100 (CET) == So, the message is passed through amavisd, spamassassin is invoked, and DKIM signatures are being added -- however, the Authentication-Results header is missing. This seems to happen from all local users to all local users, independent from the domain names (and all of them are in @local_domains_acl). $enable_dkim_verification = 1 is enabled globally, not just inside a policy bank. When mail from external users comes in, it seems to work like a charm. As an example, sending from Google Mail results in Authentication-Results headers just before SpamAssassin is invoked: == X-Spam-Status: No, score=-2.69 tagged_above=-999 required=5.5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_TO_NO_BRKTS_FREEMAIL=0.01] autolearn=ham Authentication-Results: server1.mydomain.tld (amavisd-new); dkim=pass [email protected] Authentication-Results: server1.mydomain.tld (amavisd-new); domainkeys=pass [email protected] == The difference, of course, is that external mail gets injected with port 25, while local users send through port 587. However, I just tried using port 25, but still no Authentication-Result header... I also tried to remove one of the affected domains from the @local_domains_acl, same result. Any idea why this happens, why the Authentication-Results header is missing? I guess diagnosing that might help a lot in nailing down the other issues... :) Most probably it's just a little configuration I'm missing... Thanks a lot! Florian ------------------------------------------------------------------------------ Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user Please visit http://www.ijs.si/software/amavisd/ regularly For administrativa requests please send email to rainer at openantivirus dot org
