I'm using OpenDKIM to sign mail on my Postfix server. It works as intended when sending with SMTPS from it's origin domain (let's say example.com
). However, mail set out from SMTP clients on the LAN are not being signed. Said clients do not have from the same origin domain (for example client1.lan
), but are translated with smtp_generic_maps
to the same origin (specifically client1@example.com
). Ideally, I want to sign that outgoing mail.
In /etc/postfix/main.cf I have:
smtpd_milters = unix:/var/run/opendkim/opendkim.sock
non_smtpd_milters = unix:/var/run/opendkim/opendkim.sock
In /etc/opendkim.conf I have:
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
In /etc/opendkim/TrustedHosts I have:
::1
127.0.0.1
localhost
ip6-localhost
ip6-loopback
mail
10.0.0.0/24
*.lan
Best Answer
In Postfix make sure
/etc/postfix/main.conf
contains:This will ensure that mail coming from authenticated users will be signed by OpenDKIM. As per documentation: