Pierre-Olivier Mercier
d53c1b1e00
All checks were successful
continuous-integration/drone/push Build is passing
Parse TLS details (version, cipher, bits, cert verification) from the Postfix Received header parenthetical and expose them per hop, rendered as a per-hop badge in the Email Path card. Add an x-tls Authentication-Results result: parse it when present, and otherwise synthesize it from the inbound hop's TLS info. A negative result (unencrypted inbound connection) applies a -10 authentication score penalty and is shown in the Authentication card. Enable the TLS handler in authentication_milter. Closes: #40
77 lines
1.4 KiB
JSON
77 lines
1.4 KiB
JSON
{
|
|
"logtoerr" : "1",
|
|
"error_log" : "",
|
|
"connection" : "unix:/var/spool/postfix/authentication_milter/authentication_milter.sock",
|
|
"umask" : "0007",
|
|
"runas" : "mail",
|
|
"rungroup" : "mail",
|
|
"authserv_id" : "__HOSTNAME__",
|
|
|
|
"connect_timeout" : 30,
|
|
"command_timeout" : 30,
|
|
"content_timeout" : 300,
|
|
"dns_timeout" : 10,
|
|
"dns_retry" : 2,
|
|
|
|
"handlers" : {
|
|
|
|
"Sanitize" : {
|
|
"hosts_to_remove" : [
|
|
"__HOSTNAME__"
|
|
],
|
|
"extra_auth_results_types" : [
|
|
"X-Spam-Status",
|
|
"X-Spam-Report",
|
|
"X-Spam-Level",
|
|
"X-Spam-Checker-Version"
|
|
]
|
|
},
|
|
|
|
"SPF" : {
|
|
"hide_none" : 0
|
|
},
|
|
|
|
"DKIM" : {
|
|
"hide_none" : 0,
|
|
},
|
|
|
|
"XGoogleDKIM" : {
|
|
"hide_none" : 1,
|
|
},
|
|
|
|
"ARC" : {
|
|
"hide_none" : 0,
|
|
},
|
|
|
|
"DMARC" : {
|
|
"hide_none" : 0,
|
|
"detect_list_id" : "1"
|
|
},
|
|
|
|
"BIMI" : {},
|
|
|
|
"PTR" : {},
|
|
|
|
"TLS" : {},
|
|
|
|
"SenderID" : {
|
|
"hide_none" : 1
|
|
},
|
|
|
|
"IPRev" : {},
|
|
|
|
"Auth" : {},
|
|
|
|
"AlignedFrom" : {},
|
|
|
|
"LocalIP" : {},
|
|
|
|
"TrustedIP" : {
|
|
"trusted_ip_list" : []
|
|
},
|
|
|
|
"!AddID" : {},
|
|
|
|
"ReturnOK" : {}
|
|
}
|
|
}
|