|
|
@@ -0,0 +1,68 @@ |
|
|
|
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine |
|
|
|
# parameters defined on the top level |
|
|
|
# |
|
|
|
# You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add |
|
|
|
# parameters defined on the top level |
|
|
|
# |
|
|
|
# For specific modules or configuration you can also modify |
|
|
|
# '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults |
|
|
|
# '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults |
|
|
|
# |
|
|
|
# See https://rspamd.com/doc/tutorials/writing_rules.html for details |
|
|
|
|
|
|
|
|
|
|
|
# To configure this module, please also check the following document: |
|
|
|
# https://rspamd.com/doc/tutorials/scanning_outbound.html and |
|
|
|
# https://rspamd.com/doc/modules/arc.html |
|
|
|
|
|
|
|
# To enable this module define the following attributes: |
|
|
|
# path = "/var/lib/rspamd/arc/$domain.$selector.key"; |
|
|
|
# OR |
|
|
|
# domain { ... }, if you use per-domain conf |
|
|
|
# OR |
|
|
|
# set `use_redis=true;` and define redis servers |
|
|
|
|
|
|
|
arc { |
|
|
|
# If false, messages with empty envelope from are not signed |
|
|
|
allow_envfrom_empty = true; |
|
|
|
# If true, envelope/header domain mismatch is ignored |
|
|
|
allow_hdrfrom_mismatch = false; |
|
|
|
# If true, multiple from headers are allowed (but only first is used) |
|
|
|
allow_hdrfrom_multiple = false; |
|
|
|
# If true, username does not need to contain matching domain |
|
|
|
allow_username_mismatch = false; |
|
|
|
# If false, messages from authenticated users are not selected for signing |
|
|
|
auth_only = true; |
|
|
|
# Default path to key, can include '$domain' and '$selector' variables |
|
|
|
#path = "/var/lib/rspamd/arc/$domain.$selector.key"; |
|
|
|
# Default selector to use |
|
|
|
selector = "arc"; |
|
|
|
# If false, messages from local networks are not selected for signing |
|
|
|
sign_local = true; |
|
|
|
# Symbol to add when message is signed |
|
|
|
symbol_sign = "ARC_SIGNED"; |
|
|
|
# Whether to fallback to global config |
|
|
|
try_fallback = true; |
|
|
|
# Domain to use for DKIM signing: can be "header" or "envelope" |
|
|
|
use_domain = "header"; |
|
|
|
# Whether to normalise domains to eSLD |
|
|
|
use_esld = true; |
|
|
|
# Whether to get keys from Redis |
|
|
|
use_redis = false; |
|
|
|
# Hash for ARC keys in Redis |
|
|
|
key_prefix = "ARC_KEYS"; |
|
|
|
|
|
|
|
# Domain specific settings |
|
|
|
#domain { |
|
|
|
# example.com { |
|
|
|
# # Private key path |
|
|
|
# path = "/var/lib/rspamd/arc/example.key"; |
|
|
|
# # Selector |
|
|
|
# selector = "ds"; |
|
|
|
# } |
|
|
|
#} |
|
|
|
|
|
|
|
.include(try=true,priority=5) "${DBDIR}/dynamic/arc.conf" |
|
|
|
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/arc.conf" |
|
|
|
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/arc.conf" |
|
|
|
} |