Postfix client cert info not being passed to opendkim milter
Because you only accept authenticated mail anyway, you do not need to pass information about which method was used to opendkim - only the (boolean) distinction between ports that have mandatory authentication (sign) and ports that do not offer authentication (verify).
You can set -o milter_macro_daemon_name=whatever
in master.cf
to let opendkim know which mail should be signed. That macro would otherwise default to $myhostname
, but by using (arbitrary, opendkim does not care) different values for verifying-only and for mandatory-auth ports you can distinguish them.
Docs recommend using ORIGINATING
and VERIFYING
to make it super obvious. MacroList
in your opendkim.conf
can then check whether daemon_name
is equal to whatever you set.