you couldn't be more right than that! Thank you
On Wed, Jul 4, 2018 at 12:25 PM, Gilles Chehade <gil...@poolp.org> wrote: > On Wed, Jul 04, 2018 at 11:44:00AM +0200, Teno Deuter wrote: >> makes sense indeed. >> >> In that case would be OK if I include that user in the wheel group? I >> mean from a security point of view.Any concerns about this? >> > > why do that ? > > why not simply change ownership on the key to that of _dkimproxy rather > than give that user more privileges ? > > >> Thank you for your help >> >> On Wed, Jul 4, 2018 at 11:27 AM, Gilles Chehade <gil...@poolp.org> wrote: >> > On Wed, Jul 04, 2018 at 10:29:51AM +0200, Teno Deuter wrote: >> >> indeed. What I'm doing is the following: >> >> >> >> a system user who is part of the wheel group, launches a neomutt >> >> session and sends an email. I thought that this user tries to do the >> >> dkim sign but obviously this is wrong! Could it be the '_dkimproxy' >> >> user or the '_smtpd' one? >> >> >> > >> > probably _dkimproxy, smtpd doesn't do signing >> > >> > >> >> On Wed, Jul 4, 2018 at 9:03 AM, Gilles Chehade <gil...@poolp.org> wrote: >> >> > On Wed, Jul 04, 2018 at 01:22:52AM +0200, Teno Deuter wrote: >> >> >> I had that before but then I get the following error in the maillog: >> >> >> >> >> >> dkimproxy.out[71987]: signing error: Error: cannot read >> >> >> /var/dkimproxy/default.private: Permission denied >> >> >> >> >> > >> >> > Permission denied may be caused by access to the directory too, i >> >> > suspect that >> >> > whatever is trying to dkim sign does not have the rights to reach your >> >> > key. >> >> > >> >> > -- >> >> > Gilles Chehade >> >> > >> >> > https://www.poolp.org @poolpOrg >> >> >> >> -- >> >> You received this mail because you are subscribed to misc@opensmtpd.org >> >> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org >> >> >> > >> > -- >> > Gilles Chehade >> > >> > https://www.poolp.org @poolpOrg > > -- > Gilles Chehade > > https://www.poolp.org @poolpOrg -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
