Just for completeness sake I will throw some in:
*) https://launchpad.net/dkimpy-milter
*) https://lib.rs/crates/dkim-milter
*) https://github.com/fastmail/authentication_milter
I have not yet had time to look at them, so no comment on their usability.
regards,
Robert
On 24.04.24 00:06, Joseph Tam via dovecot wrote:
On Tue, Apr 23, 2024 at 7:33 AM <dovecot-requ...@dovecot.org> wrote:
I am upgrading to postfix 3.9.0. I have not used DKIM in previous postfix
installs, but I
would like to start now with the new google rules. I have done some research
and opendkim
is the most recommended, however, other research states the opendkim has been
abandoned by it's maintainers. So I am looking for a good alternative dkim
software
that will work with postfix that I can compile myself. I do not run on any linux
version, so therefore I can not just apt-get a new dkim application.
I run Solaris and therefore need to compile my applications, postfix and dkim.
Any good suggestions will be appreciated.
I just rolled out a locally compiled opendkim on my mail server. It
works, but there
are a few gotchas.
Although it seems like a moribund project, there is a late beta
version that includes
some important patches, most notably the "Header:\n LongHeaderValue" bug that
needs fixing. You can look at
https://sourceforge.net/p/opendkim/patches/
to find that patch, as well as others you deem important. As DKIM standards
are not going to change soon, having end-of-line software is not as
bad as it seems
unless you need particular enhancements to make it work better in your
circumstances.
Once you get your setup dialed, you can probably set it and forget it.
Most of the headaches have actually been internal: local mail
injection via sendmail
would skip miltering, From header canonicalization by the MTA would not be
seen by the opendkim milter thereby creating messages with missing or invalid
signatures, and mailing list/auto reply/forwarder software mangling messages.
I think Postfix does a better job in this regard, so these issues may
not present itself.
(I did a Postfix/opendkim milter on an Ubuntu system and it was much
less hassle.)
You should look at *lots* of DMARC RUA reports. People are doing crazy batsh*t
stuff with your mail domain.
Joseph Tam <jtam.h...@gmail.com>
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
