I have ispconfig servers for primary and secondary MX. The amavisd on primary will not check mails for spam from secondary. I tried to set @mynetworks = qw(127.0.0.0/8) but no luck.
This is not related to dkim. Both mx should scan incoming mails. Did you enter the ip from the backup-mx to mynetworks in the postfix-config on the primary?
Sorry that I think I am wrong in some points. Amavisd config, mynetworks = qw(127.0.0.0/8). The Amavisd has check SPAM for all mails from other servers. I cannot found the spam tag is because ISPconfig default spam policy is Normal and its sa_tag_level_deflt is 1, but my mail from external server got less than 1, so I cannot found in the incoming mail header.
I got another problem which is , I enabled dkim for domain example.com for ISPCONFIG server, using the ispconfig dkim patch. My network configuration is external IP using NAT forward to OLD postfix server, then postfix transport the mails to ISPCONFIG port 25.
I tested with an external server, send email from [email protected] to [email protected]. Of course the external server don't have dkim config for example.com and the emails are fake. When Amavisd config, @mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16). - emails from external via OLD postfix server will be added dkim signature by ISPCONFIG amavisd, and the dkim check always pass. That not expected result. When Amavisd config, @mynetworks = qw(127.0.0.0/8). - emails from external via OLD postfix server won't be added dkim signature, but also don't check dkim by ISPCONFIG amavisd (no headers about dkim for the fake mail), thats also not expected result. If I change the network configuration, external IP using NAT forward to ISPCONFIG server directly, fake mails from external server will be tested with amavisd and mark SPAM correctly. Any idea?