Quote from: Wintrob-IT on Today at 05:46:58 PMBryanC1968, you are the best!!!!!! i almost formatted the firewall for the upgrade :)
mkdir usr/local/etc/rspamd/dkimrspamadm dkim_keygen -d sub.yourdomain.tld -s email -k /usr/local/etc/rspamd/dkim/email.key -b 2048 > /usr/local/etc/rspamd/dkim/email.txt
5. Set proper owner and ACL for key filechown rspamd:rspamd /usr/local/etc/rspamd/dkim/email.key
chmod 600 /usr/local/etc/rspamd/dkim/email.keyvi /usr/local/etc/rspamd/override.d/antivirus.confenabled = false;vi /usr/local/etc/rspamd/override.d/dkim_signing.confenabled = true;
sign_local = true; #send from known hosts and networks
auth_only = false; #send only from authenticated users
use_domain = envelope; #setting to from also worked for us but left at envelope in production
allow_hdrfrom_mismatch = false;
allow_username_mismatch = false;
use_esld = false; #needed if you are using a subdomain to send mail direct from a service e.g. nextcloud.example.com - esld will assume only the latter 2 parts are relevant and look for a domain that matches example.com and fail
use_redis = false; #in our case the keys were not loading to redis but rspamd dkim_signing module was treating it as the "source of truth" and failing to find the key
domain {
sub.yourdomain.tld {
selector = "email";
path = "/usr/local/etc/rspamd/dkim/email.key";
}
}rspamadm configtestservice rspamd restartvi testmail.eml with contentFrom: john.doe@sub.yourdomain.tld
To: jim.doe@example.com
Subject: Test DKIM Signing
This is a test email for DKIM signing.rspamc --pass-all -vvvv -i 10.0.3.10 -d jim.doe@example.com -F john.doe@sub.yourdomain.tld < testmail.emlIf signing is working properly then the response should include something likevi /usr/local/etc/rspamd/logging.inc appending the linedebug_modules = ["dkim_signing"]; then restart rspamd and try the test again. Log is in /var/logs/rspamd/rspamd.log.cat /usr/local/etc/rspamd/dkim/email.txt. Some DNS services will require you to remove some or all of the " "'s used to split the record before letting you add it.Quote from: JediFonger on Today at 06:10:28 PMon gui when i click on nut, i get the bug report crash.
opnsense-patch https://github.com/opnsense/core/commit/14710e775
pkg unlock nut