DKIM for locally submitted mail - set content_filter = amavis:[127.0.0.1]:10026

With amavis, the default value of content_filter set by ISPConfig is:

content_filter = amavis:[127.0.0.1]:10024

Port 10024 is used for incoming mail, not outgoing, and DKIM signing is available on port 10026 in amavis config:

$interface_policy{'10026'} = 'ORIGINATING'; $policy_bank{'ORIGINATING'} = { originating => 1, };

This results in all mail submitted locally:

• cron jobs
• ISPConfig when "Use SMTP to send system mails" is unset
• other applications calling /usr/sbin/sendmail (standard way to submit mail) is sent without DKIM signature.

Since ALL mail received via SMTP has content_filter overridden by FILTER directives called from smtpd_sender_restrictions:

smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, check_sender_access proxy:mysql:/etc/postfix/mysql-virtual_sender.cf, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unlisted_sender, check_sender_access regexp:/etc/postfix/tag_as_foreign.re

where the last rule sets:

/^/ FILTER lmtp:[127.0.0.1]:10024

I believe setting content_filter to port 10026 by default should be safe. Please set default port for content_filter do 10026 instead.