Postfix client cert info not being passed to opendkim milter

postfix client-certificate milter

Because you only accept authenticated mail anyway, you do not need to pass information about which method was used to opendkim - only the (boolean) distinction between ports that have mandatory authentication (sign) and ports that do not offer authentication (verify).

You can set -o milter_macro_daemon_name=whatever in master.cf to let opendkim know which mail should be signed. That macro would otherwise default to $myhostname, but by using (arbitrary, opendkim does not care) different values for verifying-only and for mandatory-auth ports you can distinguish them.

Docs recommend using ORIGINATING and VERIFYING to make it super obvious. MacroList in your opendkim.conf can then check whether daemon_name is equal to whatever you set.

Related

AUTH NTLM Authentication Format
CentOS 8 network on boot
Can the Upgrade: header have spaces between the comma?
Haproxy acl based on URL param existence
Where to download Sun Solaris 10 SPARC 64bit installation cd's?
auspex LFS backups
NTP synchronizing always in local
What is shrink_slab, and why is it showing up in /var/log/messages?
Install PHP 7.1 on CentOS 8.3
Can a currupt backup cause a hardrive failure?
File open/copy extremely slow after VM moved to new host
How do production web applications make backups? [closed]