mailcow/data/conf/rspamd/local.d/arc.conf

# If false, messages with empty envelope from are not signed
allow_envfrom_empty = false;
# If true, envelope/header domain mismatch is ignored
allow_hdrfrom_mismatch = false;
# If true, multiple from headers are allowed (but only first is used)
allow_hdrfrom_multiple = true;
# If true, username does not need to contain matching domain
allow_username_mismatch = false;
# If false, messages from authenticated users are not selected for signing
auth_only = true;
# Default path to key, can include '$domain' and '$selector' variables
path = "/data/dkim/keys/$domain.dkim";
# Default selector to use
selector = "dkim";
# If false, messages from local networks are not selected for signing
sign_local = true;
# Symbol to add when message is signed
symbol = "ARC_SIGNED";
# Whether to fallback to global config
try_fallback = true;
# Domain to use for DKIM signing: can be "header" or "envelope"
use_domain = "envelope";
# Whether to normalise domains to eSLD
use_esld = false;
# Whether to get keys from Redis
use_redis = true;
# Hash for DKIM keys in Redis
key_prefix = "DKIM_PRIV_KEYS";
# Selector map
selector_prefix = "DKIM_SELECTORS";
sign_inbound = true;
use_domain_sign_inbound = "recipient";
Switch to Rspamds milter interface 2017-06-07 04:00:34 +08:00			`# If false, messages with empty envelope from are not signed`
			`allow_envfrom_empty = false;`
			`# If true, envelope/header domain mismatch is ignored`
			`allow_hdrfrom_mismatch = false;`
			`# If true, multiple from headers are allowed (but only first is used)`
			`allow_hdrfrom_multiple = true;`
			`# If true, username does not need to contain matching domain`
[Rspamd] ARC: Disallow login/domain mismatch 2017-07-21 17:03:35 +08:00			`allow_username_mismatch = false;`
Switch to Rspamds milter interface 2017-06-07 04:00:34 +08:00			`# If false, messages from authenticated users are not selected for signing`
			`auth_only = true;`
			`# Default path to key, can include '$domain' and '$selector' variables`
			`path = "/data/dkim/keys/$domain.dkim";`
			`# Default selector to use`
			`selector = "dkim";`
			`# If false, messages from local networks are not selected for signing`
			`sign_local = true;`
			`# Symbol to add when message is signed`
			`symbol = "ARC_SIGNED";`
			`# Whether to fallback to global config`
			`try_fallback = true;`
			`# Domain to use for DKIM signing: can be "header" or "envelope"`
			`use_domain = "envelope";`
			`# Whether to normalise domains to eSLD`
			`use_esld = false;`
			`# Whether to get keys from Redis`
			`use_redis = true;`
			`# Hash for DKIM keys in Redis`
			`key_prefix = "DKIM_PRIV_KEYS";`
			`# Selector map`
			`selector_prefix = "DKIM_SELECTORS";`
[Rspamd] Sign ARC inbonud, thanks to @Kraeutergarten 2019-06-11 17:41:59 +08:00			`sign_inbound = true;`
			`use_domain_sign_inbound = "recipient";`