|
1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 |
- # Please don't modify this file as your changes might be overwritten with
- # the next update.
- #
- # You can modify 'local.d/dkim_signing.conf' to add and merge
- # parameters defined inside this section
- #
- # You can modify 'override.d/dkim_signing.conf' to strictly override all
- # parameters defined inside this section
- #
- # See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
- # for details
-
-
- # To configure this module, please also check the following document:
- # https://rspamd.com/doc/tutorials/scanning_outbound.html and
- # https://rspamd.com/doc/modules/dkim_signing.html
-
- # To enable this module define the following attributes:
- # path = "/var/lib/rspamd/dkim/$domain.$selector.key";
- # OR
- # domain { ... }, if you use per-domain conf
- # OR
- # set `use_redis=true;` and define redis servers
-
- dkim_signing {
- # If false, messages with empty envelope from are not signed
- allow_envfrom_empty = true;
- # If true, envelope/header domain mismatch is ignored
- allow_hdrfrom_mismatch = false;
- # If true, multiple from headers are allowed (but only first is used)
- allow_hdrfrom_multiple = false;
- # If true, username does not need to contain matching domain
- allow_username_mismatch = false;
- # Default path to key, can include '$domain' and '$selector' variables
- #path = "/var/lib/rspamd/dkim/$domain.$selector.key";
- # Default selector to use
- selector = "dkim";
- # If false, messages from authenticated users are not selected for signing
- sign_authenticated = true;
- # If false, messages from local networks are not selected for signing
- sign_local = true;
- # Symbol to add when message is signed
- symbol = "DKIM_SIGNED";
- # Whether to fallback to global config
- try_fallback = true;
- # Domain to use for DKIM signing: can be "header" or "envelope"
- use_domain = "header";
- # Whether to normalise domains to eSLD
- use_esld = true;
- # Whether to get keys from Redis
- use_redis = false;
- # Hash for DKIM keys in Redis
- key_prefix = "DKIM_KEYS";
-
- # Domain specific settings
- #domain {
- # example.com {
- # selectors [
- # { # Private key path
- # path = "/var/lib/rspamd/dkim/example.key";
- # # Selector
- # selector = "ds";
- # },
- # { # multiple dkim signature
- # path = "/var/lib/rspamd/dkim/eddsa.key";
- # selector = "eddsa";
- # }
- # ]
- # }
- #}
-
-
-
- .include(try=true,priority=5) "${DBDIR}/dynamic/dkim_signing.conf"
- .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dkim_signing.conf"
- .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dkim_signing.conf"
- }
|