mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
14569 Commits
28 Branches
Tree: e6e72472ad
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e6e72472ad'
${ noResults }
rspamd/conf/modules.d/dkim_signing.conf

dkim_signing.conf 2.7KB
Raw Blame History

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980 
  1. # Please don't modify this file as your changes might be overwritten with

  2. # the next update.

  3. #

  4. # You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine

  5. # parameters defined on the top level

  6. #

  7. # You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add

  8. # parameters defined on the top level

  9. #

  10. # For specific modules or configuration you can also modify

  11. # '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults

  12. # '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults

  13. #

  14. # See https://rspamd.com/doc/tutorials/writing_rules.html for details

  15. 

  16. 

  17. # To configure this module, please also check the following document:

  18. # https://rspamd.com/doc/tutorials/scanning_outbound.html and

  19. # https://rspamd.com/doc/modules/dkim_signing.html

  20. 

  21. # To enable this module define the following attributes:

  22. # path = "/var/lib/rspamd/dkim/$domain.$selector.key";

  23. # OR

  24. # domain { ... }, if you use per-domain conf

  25. # OR

  26. # set `use_redis=true;` and define redis servers

  27. 

  28. dkim_signing {

  29.   # If false, messages with empty envelope from are not signed

  30.   allow_envfrom_empty = true;

  31.   # If true, envelope/header domain mismatch is ignored

  32.   allow_hdrfrom_mismatch = false;

  33.   # If true, multiple from headers are allowed (but only first is used)

  34.   allow_hdrfrom_multiple = false;

  35.   # If true, username does not need to contain matching domain

  36.   allow_username_mismatch = false;

  37.   # If false, messages from authenticated users are not selected for signing

  38.   auth_only = true;

  39.   # Default path to key, can include '$domain' and '$selector' variables

  40.   #path = "/var/lib/rspamd/dkim/$domain.$selector.key";

  41.   # Default selector to use

  42.   selector = "dkim";

  43.   # If false, messages from local networks are not selected for signing

  44.   sign_local = true;

  45.   # Symbol to add when message is signed

  46.   symbol = "DKIM_SIGNED";

  47.   # Whether to fallback to global config

  48.   try_fallback = true;

  49.   # Domain to use for DKIM signing: can be "header" or "envelope"

  50.   use_domain = "header";

  51.   # Whether to normalise domains to eSLD

  52.   use_esld = true;

  53.   # Whether to get keys from Redis

  54.   use_redis = false;

  55.   # Hash for DKIM keys in Redis

  56.   key_prefix = "DKIM_KEYS";

  57. 

  58.   # Domain specific settings

  59.   #domain {

  60.   #  example.com {

  61.   #    selectors [

  62.   #      { # Private key path

  63.   #        path = "/var/lib/rspamd/dkim/example.key";

  64.   #        # Selector

  65.   #        selector = "ds";

  66.   #      },

  67.   #      { # multiple dkim signature

  68.   #        path = "/var/lib/rspamd/dkim/eddsa.key";

  69.   #        selector = "eddsa";

  70.   #      }

  71.   #    ]

  72.   #  }

  73.   #}

  74. 

  75. 

  76. 

  77.   .include(try=true,priority=5) "${DBDIR}/dynamic/dkim_signing.conf"

  78.   .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dkim_signing.conf"

  79.   .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dkim_signing.conf"

  80. }