On Mar 6, 2013, at 2:11 PM, dhanushka ranasinghe <[email protected]>
wrote:
> i added the following lines to end of the file ,
>
> dkim_domain = example.com
> dkim_selector = email
> dkim_private_key = /etc/exim4/dkim.private.key
> dkim_canon = relaxed
>
> but when i tested , mail servers signing all the messages that going via it
>
>
> Is there any config changes that i need to make this work ?
The best way I've found to do this is by adding a topmost router, something
like:
dkim_routed:
driver = dnslookup
domains = !+local_domains
transport = remote_dkim
condition =
${lookup{${lc:$sender_address_domain}}dsearch{/etc/exim/dkim}{yes}{no}}
more = false
and a transport:
remote_dkim:
driver = smtp
dkim_domain = $sender_address_domain
dkim_private_key = /etc/exim/dkim/${lc:$sender_address_domain}
dkim_selector = email
dkim_canon = relaxed
dkim_strict = 0
Then you can place keys for ONLY domains you want to sign in /etc/exim/dkim
ie: /etc/exim/dkim/example.com
And example.com would have the signing key you want to use.
Then it will only sign mails for those domains you have keys for.
--
Robert Blayzor
INOC, LLC
[email protected]
http://www.inoc.net/~rblayzor/
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
