On Wed, March 17, 2010 11:00 am, Mark Martinec wrote: >> so, dumb question: > These are two mostly independent features: verification and signing. > The message [1] only says that verification is disabled. Turning on > DKIM verification does not require any keys or certificates on your side, > these are only required on the sender's side. DKIM verification does not > cost much, so my position is to just enable it > ($enable_dkim_verification=1). > If for nothing else, it will insert an Authentication-Results header field > to a received signed messages, and provide additional information in the > log - both of which can serve as a gentle getting-used-to / introduction > to the new concept.
Mark, thanks for the info, you've explained exactly what I was wondering. gentle introduction enabled: Mar 17 11:56:01 amavis[27435]: Module Mail::DKIM::Signer 0.37 Mar 17 11:56:01 amavis[27435]: Module Mail::DKIM::Verifier 0.37 Mar 17 11:56:01 amavis[27435]: DKIM code loaded > If using amavisd 2.6.4 with SpamAssaswsin 3.3.0 or later, letting amavisd > do the DKIM verification has another benefit: the verification results yes, amavisd-new-2.6.4 (20090625) > Now, the DKIM signing is another matter, mostly independent from > verification. To produce a valid DKIM signature, you need to generate one > or more signing keys (amavisd can do it for you: '$ amavisd genrsa > <filename>'), then you > need to add the generated public key as a TXT record to a DNS zone of your > domain, and make the private key counterpart available on a file to > amavisd, and letting it be aware of it by a dkim_key() in amavisd.conf. > This is pretty > much all there is to. For a simple setup this is quite straightforward, > just follow the: > http://www.ijs.si/software/amavisd/amavisd-new-docs.html#dkim-impatient > so, for signing, I can just follow 'dkim-impatient', and, is that independent from Postfix itself, do I need to do anything on Postfix ? thanks again -- Voytek ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
