Make filtermail use normal 127.0.0.1 as the source address#778
Make filtermail use normal 127.0.0.1 as the source address#778feld wants to merge 1 commit intochatmail:mainfrom feld:fix-filtermail-srcaddr
Conversation
On some OSes in you can use any address in the 127.0.0.0/8 range and it will work fine, but FreeBSD won't allow it.
feld
had a problem deploying
to
staging2.testrun.org
GitHub Actions
Failure
feld
had a problem deploying
to
staging-ipv4.testrun.org
GitHub Actions
Failure
| "localhost", | ||
| self.config.postfix_reinject_port_incoming, | ||
| source_address=("127.0.0.2", 0), | ||
| source_address=("127.0.0.1", 0), |
There was a problem hiding this comment.
See comment above, the reason for using 127.0.0.2 is to make opendkim verify DKIM signature. For messages that come from 127.0.0.1 it signs the message instead.
|
@feld how did you manage to get his freebsd relay running (with working cmping with other hosts, i assume) regarding OpenDKIM ? |
Relay probably signs incoming messages instead of verifying the signature if this change is applied. |
|
My incoming messages all show However, that may be due to running in a traditional FreeBSD jail without a full network stack (full network stack jails are VNET jails). In this scenario 127.0.0.1 gets remapped automatically to the IP of the jail, which would be something other than 127.0.0.1 when OpenDKIM sees it. That's likely what's going on, but I need to investigate further. |
|
DKIM passes because you still sign outgoing mails. But now for incoming mails you also sign them instead of verifying them. To make this less error-prone, one way would be to set |
3 participants
On some OSes in you can use any address in the 127.0.0.0/8 range and it will work fine, but FreeBSD won't allow it.