On Thu, 26 Nov 2009, Roman Gelfand wrote:
> My topology is dmz. The firewall passes the messages to the postfix
> server in dmz. Since opendkim milter is not going to be the first in
> line, it actually receives mail from postfix server 127.0.0.1. Unless
> you tell me otherwise, I don't want to neither sign nor verify
> 127.0.0.1. Unless it doesn't matter and opendkim is able to discern the
> original message source, how do you tell opendkim to ignore localhost
> hop?
Put 127.0.0.1 in the PeerList. This causes that host to be completely
ignored. The opendkim(8) and opendkim.conf(5) man pages contain
instructions for doing this both from the command line and the
configuration file.
The IP address/hostname of the client is only used when deciding whether
to sign or verify a message. If the injecting IP address always appears
as 127.0.0.1, you'll have some trouble deciding when to sign and when to
verify safely. How can you determine what's inbound and what's outbound?
Received on Thu Nov 26 2009 - 17:32:06 PST
This archive was generated by hypermail 2.3.0
: Mon Oct 29 2012 - 23:16:46 PST