Hey folks, I recently set up an e-mail encryption gateway (Ciphermail Community Edition) on a separate machine. The virtual Servers are connected via VLAN and everything works as expected, except DKIM signing. The signature is attached but breaks after the mail has been encrypted. It works as following: 1. all sent mails are forwarded to the gateway 2. processing takes place like encryption 3. mail is reinjected on port 10026 4. mail is delivered (dkim signature is invalid) I need a way to postpone the dkim signature to basically the point after the mail has been reinjected for sending out. It would help if I knew how to tell rspamd to sign mails only when they are delivered from the source of 10.1.0.30 (which is the gateway on the vlan). Does anybody of the community know how to do that? Any help and pointers to where I could start are highly appreciated. Thanks a lot in advance! 😊

Delay DKIM signing

pgreivel

Hey folks,

I recently set up an e-mail encryption gateway (Ciphermail Community Edition) on a separate machine. The virtual Servers are connected via VLAN and everything works as expected, except DKIM signing. The signature is attached but breaks after the mail has been encrypted.

It works as following:

all sent mails are forwarded to the gateway
processing takes place like encryption
mail is reinjected on port 10026
mail is delivered (dkim signature is invalid)

I need a way to postpone the dkim signature to basically the point after the mail has been reinjected for sending out.

It would help if I knew how to tell rspamd to sign mails only when they are delivered from the source of 10.1.0.30 (which is the gateway on the vlan).

Does anybody of the community know how to do that? Any help and pointers to where I could start are highly appreciated.

Thanks a lot in advance! 😊

pgreivel

Hey guys,

anybody? At least a hint?

ETNyx

It’s possible that you are looking for Postfix proxy, or in terms of postfix “before queue filter” like this?
Internet -> First Postifx smtp service -> BFQ (where you send email to your encryption service) -> Second Postfix smtp service -> standard queue. Search for it there is docs page in Postifx doc covering this topic for sure.