Hello,

I've always said that I would not add support for multiple domains in
filter-dkimsign until someone could point me to a good reason to do so.
Recently this was done by Maarten de Vries who pointed out to me that
there is such a requirement in DMARC (RFC7489 section 3.1) stating that
the DKIM signature must be aligned with the From-header.
Unfortunately the from-header is a mailbox-list; I decided to only use
the first mailbox in the list, which should cover most use-cases.

As expected, this diff is more intrusive than I would've liked, but
works so far in my testing. It works by using a single selector and
trying to do a strict match on domain first, falling back to a relaxed
match if none is found and ultimately going for the first domain in the
list.

I would like to ask everyone who wants this feature to test this and
report back to me. I plan to create a new release in a week or 2 turning
it into a less voluntary test. :-)

Source-code can be found here (svn):
http://imperialat.at/dev/filter-dkimsign/
This is still OpenBSD only, but Maarten can probably supply people with
an arch-compatible version.

martijn@
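
The selection order described in the message above (strict match, then relaxed match, then the first domain in the list), as an added example that is not filter-dkimsign's own code. The names `select_signing_domain`, `find_domain` and `sample_domains` are hypothetical, the domains are constructed, and the relaxed match is modelled as stripping leftmost labels from the From domain, which is an assumption (RFC 7489 relaxed alignment compares Organizational Domains).

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Constructed sample list of signing domains (assumption, not from the post). */
static const char *const sample_domains[] = { "example.com", "example.org" };

/* Case-insensitive exact lookup; returns the configured entry or NULL. */
static const char *
find_domain(const char *name, const char *const *domains, size_t n)
{
	for (size_t i = 0; i < n; i++)
		if (strcasecmp(name, domains[i]) == 0)
			return domains[i];
	return NULL;
}

/* Hypothetical helper: pick the d= domain for the first From mailbox's domain. */
const char *
select_signing_domain(const char *from, const char *const *domains, size_t n)
{
	const char *hit, *dot;

	if (n == 0)
		return NULL;
	if (from != NULL) {
		/* 1. Strict: From domain equals a configured domain. */
		if ((hit = find_domain(from, domains, n)) != NULL)
			return hit;
		/* 2. Relaxed (modelled): drop leftmost labels, so only a parent
		 *    domain on a label boundary matches, never a bare suffix. */
		for (dot = strchr(from, '.'); dot != NULL; dot = strchr(dot + 1, '.'))
			if ((hit = find_domain(dot + 1, domains, n)) != NULL)
				return hit;
	}
	/* 3. Fallback: first configured domain; alignment is not guaranteed. */
	return domains[0];
}

int
main(void)
{
	const char *tests[] = { "example.org", "lists.example.org", "other.net" };

	for (size_t i = 0; i < 3; i++)
		printf("%s -> d=%s\n", tests[i],
		    select_signing_domain(tests[i], sample_domains, 2));
	return 0;
}
```

A message that reaches step 3 is still signed, but a DMARC verifier may not treat that signature as aligned with the From-header, so it is worth logging when the fallback is taken.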

