From 924c96d55540eeeeb4556b51e4fc3ae560a026fd Mon Sep 17 00:00:00 2001 From: Scott Kitterman Date: Fri, 9 Mar 2018 22:50:07 -0500 Subject: [PATCH] - Added example in README to show use of MacroList* to separate inbound and outbound mail streams --- CHANGES | 2 ++ README | 31 +++++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/CHANGES b/CHANGES index 26944b8..d46a5fa 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,8 @@ - Beta 1 (updated Alpha -> Beta warning in README and trove classifiers) - Added support for MacroList option - Added support for MacroListVerify option + - Added example in README to show use of MacroList* to separate inbound and + outbound mail streams 0.9.4 2018-03-09 - Create PID directory if it is missing diff --git a/README b/README index 4ef8cae..1bfb561 100644 --- a/README +++ b/README @@ -86,6 +86,37 @@ submission inet n - - - - smtpd These need to match the Socket value for each dkimpy-milter instance. +Care is required to segregate outbound mail to be signed and inbound mail to +be verified. The above example uses two instances of dkimpy-milter to do +this. There are many possible ways. Here is another example using milter +macros to keep the mail streams segregated: + +Postfix master.cf: + +smtp inet n - - - - smtpd + ... + -o smtpd_milters=inet:localhost:8891 + -o milter_macro_daemon_name=VERIFYING + ... + +submission inet n - - - - smtpd + -o syslog_name=postfix/submission + -o smtpd_tls_security_level=encrypt + -o smtpd_sasl_auth_enable=yes + ... + -o milter_macro_daemon_name=ORIGINATING + -o smtpd_milters=inet:localhost:8891 + ... + +Dkimpy-milter.conf: + +... +Mode sv +MacroList dameon_name|ORIGINATING +MacroListVerify daemon_name|VERIFYING +... + + The python DKIM library, dkimpy, requires the entire message being signed or verified to be in memory, so dkimpy-milter does not write messages out to a temp file. This may impact performance on low-memory systems.