Hello @mag007 and thank you very much for the howto.
As small addition:
Under certain circumstances (e.g. if Spamassassin has been configured in UCS) it can happen that when using “DomainKeys Identified Mail” (DKIM) the entry is duplicated or even tripled.
With standard settings, every mail sent is checked by Amavis and then run through postfix again, which adds an additional DKIM header. However, this can be prevented with the appropriate configuration.
A german tutorial with detailed background information is available here (newsportal.koeln):
Unfortunately, with UCS, at the moment a template file has to be changed as shown below.
root@mail:~# diff -u /etc/univention/templates/files/etc/postfix/master.cf.d/30_antivir_ORIGINAL /etc/univention/templates/files/etc/postfix/master.cf.d/30_antivir
--- /etc/univention/templates/files/etc/postfix/master.cf.d/30_antivir_ORIGINAL 2020-02-18 23:42:35.041259401 +0100
+++ /etc/univention/templates/files/etc/postfix/master.cf.d/30_antivir 2020-02-18 23:44:06.876020444 +0100
@@ -21,5 +21,5 @@
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
- -o receive_override_options=no_address_mappings''' % {"maxproc": configRegistry.get("mail/antivir/max_servers", "2")}
+ -o receive_override_options=no_address_mappings,no_milters''' % {"maxproc": configRegistry.get("mail/antivir/max_servers", "2")}
@!@
root@mail:~# ucr commit /etc/postfix/master.cf
Multifile: /etc/postfix/master.cf
root@mail:~# systemctl restart postfix.service
The easiest way to check the result is to use a mail reply service, for example the service of Port25. Just send an (empty) mail to check-auth@verifier.port25.com and check the result sent back to you.
hth, Greetings Lutz