Hello, I currently work on implementing DKIM signing in my amavisd-new with Postfix. All key tests result in passed, and sending signed e-mail out of lists results in correct verification.
However, I have problems with signing my hosted mailing lists -- as footers are added and subjects are modified, the DKIM signature is broken. As far as I understood, this does no harm, and is normal -- signing only parts of the body has to be implemented on the sender's side, which I can't influence. Therefore, I decided to sign all mailing lists myself with third-party signatures, so they get out with valid signatures. It looks, however, as if amavisd-new only adds third-party signatures when the sender is not from one of my hosted domains. This results in broken signatures, when someone of my users sends to one of my mailing lists. When a third party, e.g. @gmail.com, sends to the lists, the third-party signature is added and valid. Here are the relevant configuration parts: == dkim_key('second-domain.tld', '20110105', '/etc/amavis/second-domain.tld.key.pem'); dkim_key('first-domain.tld', '20110105', '/etc/amavis/second-domain.tld.key.pem'); dkim_key('lists.second-domain.tld', '20110105', '/etc/amavis/second-domain.tld.key.pem'); dkim_key('lists.first-domain.tld', '20110105', '/etc/amavis/second-domain.tld.key.pem'); dkim_signature_options_bysender_maps => [ { 'second-domain.tld' => { d => 'second-domain.tld', c => 'relaxed/simple' }, 'first-domain.tld' => { d => 'first-domain.tld', c => 'relaxed/simple' }, 'lists.second-domain.tld' => { d => 'lists.second-domain.tld', c => 'relaxed/simple' }, 'lists.first-domain.tld' => { d => 'lists.first-domain.tld', c => 'relaxed/simple' }, } ], }; == Did I miss a configuration? Is there an option to always enforce signing with third-party signatures? Thanks, Florian ------------------------------------------------------------------------------ Gaining the trust of online customers is vital for the success of any company that requires sensitive data to be transmitted over the Web. Learn how to best implement a security strategy that keeps consumers' information secure and instills the confidence they need to proceed with transactions. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user Please visit http://www.ijs.si/software/amavisd/ regularly For administrativa requests please send email to rainer at openantivirus dot org