36 lines
1.6 KiB
Plaintext
36 lines
1.6 KiB
Plaintext
# If false, messages with empty envelope from are not signed
|
|
allow_envfrom_empty = true;
|
|
# If true, envelope/header domain mismatch is ignored
|
|
allow_hdrfrom_mismatch = true;
|
|
# If true, multiple from headers are allowed (but only first is used)
|
|
allow_hdrfrom_multiple = true;
|
|
# If true, username does not need to contain matching domain
|
|
allow_username_mismatch = true;
|
|
# If false, messages from authenticated users are not selected for signing
|
|
sign_authenticated = true;
|
|
# Default path to key, can include '$domain' and '$selector' variables
|
|
path = "/data/dkim/keys/$domain.dkim";
|
|
# Default selector to use
|
|
selector = "dkim";
|
|
# If false, messages from local networks are not selected for signing
|
|
sign_local = true;
|
|
# Symbol to add when message is signed
|
|
symbol = "DKIM_SIGNED";
|
|
# Whether to fallback to global config
|
|
try_fallback = true;
|
|
# Domain to use for DKIM signing: can be "header" or "envelope"
|
|
use_domain = "envelope";
|
|
# Whether to normalise domains to eSLD
|
|
use_esld = false;
|
|
# Whether to get keys from Redis
|
|
use_redis = true;
|
|
# Hash for DKIM keys in Redis
|
|
key_prefix = "DKIM_PRIV_KEYS";
|
|
# Selector map
|
|
selector_prefix = "DKIM_SELECTORS";
|
|
# Sieve is in sign_networks only
|
|
# forwards are arc signed, rejects are dkim signed
|
|
sign_networks = "/etc/rspamd/custom/dovecot_trusted.map";
|
|
use_domain_sign_networks = "header";
|
|
sign_headers = "from:sender:reply-to:subject:date:message-id:to:cc:mime-version:content-type:content-transfer-encoding:resent-to:resent-cc:resent-from:resent-sender:resent-message-id:in-reply-to:references:list-id:list-help:list-owner:list-unsubscribe:list-subscribe:list-post:openpgp:autocrypt";
|