Hello,
I currently work on implementing DKIM signing in my amavisd-new with
Postfix. All key tests result in passed, and sending signed e-mail out
of lists results in correct verification.
However, I have problems with signing my hosted mailing lists -- as
footers are added and subjects are modified, the DKIM signature is
broken. As far as I understood, this does no harm, and is normal --
signing only parts of the body has to be implemented on the sender's
side, which I can't influence.
Therefore, I decided to sign all mailing lists myself with third-party
signatures, so they get out with valid signatures. It looks, however,
as if amavisd-new only adds third-party signatures when the sender is
not from one of my hosted domains. This results in broken signatures,
when someone of my users sends to one of my mailing lists. When a
third party, e.g. @gmail.com, sends to the lists, the third-party
signature is added and valid.
Here are the relevant configuration parts:
==
dkim_key('second-domain.tld', '20110105',
'/etc/amavis/second-domain.tld.key.pem');
dkim_key('first-domain.tld', '20110105',
'/etc/amavis/second-domain.tld.key.pem');
dkim_key('lists.second-domain.tld', '20110105',
'/etc/amavis/second-domain.tld.key.pem');
dkim_key('lists.first-domain.tld', '20110105',
'/etc/amavis/second-domain.tld.key.pem');
dkim_signature_options_bysender_maps => [ {
'second-domain.tld' => { d => 'second-domain.tld', c => 'relaxed/simple' },
'first-domain.tld' => { d => 'first-domain.tld', c => 'relaxed/simple' },
'lists.second-domain.tld' => { d => 'lists.second-domain.tld', c =>
'relaxed/simple' },
'lists.first-domain.tld' => { d => 'lists.first-domain.tld', c =>
'relaxed/simple' },
} ],
};
==
Did I miss a configuration? Is there an option to always enforce
signing with third-party signatures?
Thanks,
Florian
------------------------------------------------------------------------------
Gaining the trust of online customers is vital for the success of any company
that requires sensitive data to be transmitted over the Web. Learn how to
best implement a security strategy that keeps consumers' information secure
and instills the confidence they need to proceed with transactions.
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
Please visit http://www.ijs.si/software/amavisd/ regularly
For administrativa requests please send email to rainer at openantivirus dot
org
