Initial commit.
This commit is contained in:
75
rspamd/modules.d/dkim_signing.conf
Normal file
75
rspamd/modules.d/dkim_signing.conf
Normal file
@@ -0,0 +1,75 @@
|
||||
# Please don't modify this file as your changes might be overwritten with
|
||||
# the next update.
|
||||
#
|
||||
# You can modify 'local.d/dkim_signing.conf' to add and merge
|
||||
# parameters defined inside this section
|
||||
#
|
||||
# You can modify 'override.d/dkim_signing.conf' to strictly override all
|
||||
# parameters defined inside this section
|
||||
#
|
||||
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
|
||||
# for details
|
||||
|
||||
|
||||
# To configure this module, please also check the following document:
|
||||
# https://rspamd.com/doc/tutorials/scanning_outbound.html and
|
||||
# https://rspamd.com/doc/modules/dkim_signing.html
|
||||
|
||||
# To enable this module define the following attributes:
|
||||
# path = "/var/lib/rspamd/dkim/$domain.$selector.key";
|
||||
# OR
|
||||
# domain { ... }, if you use per-domain conf
|
||||
# OR
|
||||
# set `use_redis=true;` and define redis servers
|
||||
|
||||
dkim_signing {
|
||||
# If false, messages with empty envelope from are not signed
|
||||
allow_envfrom_empty = true;
|
||||
# If true, envelope/header domain mismatch is ignored
|
||||
allow_hdrfrom_mismatch = false;
|
||||
# If true, multiple from headers are allowed (but only first is used)
|
||||
allow_hdrfrom_multiple = false;
|
||||
# If true, username does not need to contain matching domain
|
||||
allow_username_mismatch = false;
|
||||
# Default path to key, can include '$domain' and '$selector' variables
|
||||
#path = "/var/lib/rspamd/dkim/$domain.$selector.key";
|
||||
# Default selector to use
|
||||
selector = "dkim";
|
||||
# If false, messages from authenticated users are not selected for signing
|
||||
sign_authenticated = true;
|
||||
# If false, messages from local networks are not selected for signing
|
||||
sign_local = true;
|
||||
# Symbol to add when message is signed
|
||||
symbol = "DKIM_SIGNED";
|
||||
# Whether to fallback to global config
|
||||
try_fallback = true;
|
||||
# Domain to use for DKIM signing: can be "header" or "envelope"
|
||||
use_domain = "header";
|
||||
# Whether to normalise domains to eSLD
|
||||
use_esld = true;
|
||||
# Whether to get keys from Redis
|
||||
use_redis = false;
|
||||
# Hash for DKIM keys in Redis
|
||||
key_prefix = "DKIM_KEYS";
|
||||
|
||||
# Domain specific settings
|
||||
domain {
|
||||
898.ro {
|
||||
selectors [
|
||||
{ # Private key path
|
||||
path = "/var/lib/rspamd/dkim/898.ro.dkim.key";
|
||||
# # Selector
|
||||
selector = "ds";
|
||||
}
|
||||
# { # multiple dkim signature
|
||||
# path = "/var/lib/rspamd/dkim/eddsa.key";
|
||||
# selector = "eddsa";
|
||||
# }
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
.include(try=true,priority=5) "${DBDIR}/dynamic/dkim_signing.conf"
|
||||
.include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/dkim_signing.conf"
|
||||
.include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/dkim_signing.conf"
|
||||
}
|
||||
Reference in New Issue
Block a user