# Please don't modify this file as your changes might be overwritten with # the next update. # # You can modify '$LOCAL_CONFDIR/rspamd.conf.local.override' to redefine # parameters defined on the top level # # You can modify '$LOCAL_CONFDIR/rspamd.conf.local' to add # parameters defined on the top level # # For specific modules or configuration you can also modify # '$LOCAL_CONFDIR/local.d/file.conf' - to add your options or rewrite defaults # '$LOCAL_CONFDIR/override.d/file.conf' - to override the defaults # # See https://rspamd.com/doc/tutorials/writing_rules.html for details # To configure this module, please also check the following document: # https://rspamd.com/doc/tutorials/scanning_outbound.html and # https://rspamd.com/doc/modules/dkim_signing.html # To enable this module define the following attributes: # path = "/var/lib/rspamd/dkim/$domain.$selector.key"; # OR # domain { ... }, if you use per-domain conf # OR # set `use_redis=true;` and define redis servers dkim_signing { # If false, messages with empty envelope from are not signed allow_envfrom_empty = true; # If true, envelope/header domain mismatch is ignored allow_hdrfrom_mismatch = false; # If true, multiple from headers are allowed (but only first is used) allow_hdrfrom_multiple = false; # If true, username does not need to contain matching domain allow_username_mismatch = false; # If false, messages from authenticated users are not selected for signing auth_only = true; # Default path to key, can include '$domain' and '$selector' variables #path = "/var/lib/rspamd/dkim/$domain.$selector.key"; # Default selector to use selector = "dkim"; # If false, messages from local networks are not selected for signing sign_local = true; # Symbol to add when message is signed symbol = "DKIM_SIGNED"; # Whether to fallback to global config try_fallback = true; # Domain to use for DKIM signing: can be "header" or "envelope" use_domain = "header"; # Whether to normalise domains to eSLD use_esld = true; # Whether to get keys from Redis use_redis = false; # Hash for DKIM keys in Redis hash_key = "DKIM_KEYS"; # Domain specific settings #domain { # example.com { # # Private key path # path = "/var/lib/rspamd/dkim/example.key"; # # Selector # selector = "ds"; # } #} .include(try=true,priority=5) "${DBDIR}/dynamic/dkim_signing.conf" .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dkim_signing.conf" .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dkim_signing.conf" }