I have set up a linux email server with Postfix and have correctly set up SPF and DKIM. When I send an email, the email is signed properly, and when I view the source from the receiving client (such as gmail), I can see that SPF and DKIM passed.
I also have dovecot installed so that I can use POP3 and IMAP. Currently, I use gmail as a POP3 client so that I can take advantage of their wonderful anti-spam filters. While the actual account on the server may have spam, when I check the email via gmail, the spam gets filtered properly.
The problem I'm having is with bounced emails. If I send an email to a non-existant address, the message is bounced, and then Postfix sends me a bounce email, saying something like "the remote mail system said the mailbox is unavailable".
This bounce email is not being signed with DKIM, which I can see when looking at the source. Therefore, my POP3 client (ie gmail) is marking the bounce email as spam.
What must I do in order to have my bounce email also go through DKIM processing?
Best Answer
According to the docs mentioned by Stefan this is now possible but disabled by default. You can add
internal_mail_filter_classes = bounceto your config for bounces to be filtered just as any other mail (including signing filter).This will work well if you only have signing filter. Though you may encounter problems when you have other filters. You should make sure that no filter rejects locally generated bounces as this may generate another bounce which will possibly be rejected too and so on...