Re: OK to set /var/run/opendkim to group accessible and executable?

From: Steve Jenkins <steve_at_stevejenkins.com>
Date: Mon, 30 Mar 2015 09:42:36 -0700

Thanks, Scott. That makes sense.

But I hesitate to point "beginning to intermediate" users (the audience for
my how-tp post) toward master.cf, as they can (generally) do a lot more
damage in there than in main.cf. I think I'll keep recommending the unix
sockets for noobs, and leave the master.cf edits for more advanced users.

SJ

On Mon, Mar 30, 2015 at 9:21 AM, Scott Kitterman <ietf-dkim_at_kitterman.com>
wrote:

> On Monday, March 30, 2015 09:07:36 AM Steve Jenkins wrote:
> > On Sun, Mar 29, 2015 at 5:18 AM, Scott Kitterman <
> ietf-dkim_at_kitterman.com>
> >
> > wrote:
> > > If you're using the Unix socket to connect to the milter, this is
> pretty
> > > normal. Personally, I tend to use TCP sockets to avoid trouble like
> this.
> > > Since the postfix configuration isn't in the bug, this is a bit of a
> > > guess.
> >
> > Hi, Scott. Are you using TCP sockets in your Postfix config? If so, what
> > does that look like?
>
> Yes. There's lots of ways to do it. I set it up per SMTP service. Here's
> the /etc/postfix/master.cf snippet for my submission (port 587) service:
>
> submission inet n - - - - smtpd
> -o syslog_name=postfix/submission
> -o smtpd_tls_security_level=encrypt
> -o smtpd_sasl_auth_enable=yes
> -o smtpd_client_restrictions=permit_sasl_authenticated,reject
> -o milter_macro_daemon_name=ORIGINATING
> -o smtpd_milters=inet:localhost:8892
>
> smtpd_milters=inet:localhost:8892 is the relevant bit.
>
> Scott K
>
>
Received on Mon Mar 30 2015 - 16:42:51 PST

This archive was generated by hypermail 2.3.0 : Mon Mar 30 2015 - 16:45:02 PST