Am 23.05.2021 um 12:32 schrieb flipchan:
Yeah, it was all working until I upgraded to 6.8, can someone else that
is running opensmtpd with dkim send me their smtpd.conf? I assume I have
written some rule wrong, not sure where doe
The config is all over the place. There is the rspamd filter and there
is DKIM tagging with a match rules order that can't reach the tagging.
It's like Martijn van Duren said, you are clearly using rspamd and not
dkimproxy_out, which means your debugging is way off.
But thinks got easier anyway. Please install filter-dkimsign.
# pkg_add opensmtpd-filter-dkimsign
Remove everything dkim and rspamd from your current smtpd.conf.
Add
filter "dkimsg" proc-exec "filter-dkimsign -d example.com -s default \
-k /var/dkimproxy/default.private -c relaxed/relaxed" \
user _dkimsign group _dkimsign
and edit the line
listen on vio0 port 587 hostname example.com tls-require pki
mail.example.com auth filter "rspamd"
to
listen on vio0 port 587 hostname example.com tls-require pki
mail.example.com auth filter "dkimsg"
Or
# cat /etc/mail/smtpd.conf
table aliases file:/etc/mail/aliases
pki mail.example.com cert "/etc/ssl/mail.example.com.crt"
pki mail.example.com key "/etc/ssl/private/mail.example.com.key"
filter "dkimsg" proc-exec "filter-dkimsign -d example.com -s default \
-k /var/dkimproxy/default.private -c relaxed/relaxed" \
user _dkimsign group _dkimsign
listen on vio0 port 587 hostname example.com tls-require pki
mail.example.com auth filter "dkimsg"
listen on vio0 port 25 hostname example.com tls pki mail.example.com
action "mbox" mbox alias <aliases>
action "relay" relay
match from any for domain example.com action "mbox"
match for local action "mbox"
match auth from any for any action "relay"
If you really need rspamd for spam filtering add it back in and add the
filter only to "listen on vio0 port 25". Otherwise uninstall it, since
even in "standby" it produces lots of DNS traffic.
HTH
