On Tue, May 6, 2014 10:53, Wietse Venema wrote:

>
> master.cf:
>     127.0.0.1:26 inet n       -       n       -       -       smtpd
>       -o smtpd_tls_security_level=none
>       -o smtpd_sasl_auth_enable=no
>       -o smtpd_client_restrictions=
>       -o smtpd_helo_restrictions=
>       -o smtpd_sender_restrictions=
>       -o smtpd_recipient_restrictions=permit_mynetworks,reject
>       -o smtpd_data_restrictions=
>       -o milter_macro_daemon_name=ORIGINATING
>       -o syslog_name=postfix-p26
>
> With this in place, do "postfix reload" and see if mailman can
> send a test message to 127.0.0.1 port 26.
>
>       Wietse
>

This change, together with setting SMTPPORT=26 in mm_cfg.py, solved the problem
of getting outgoing Mailman messages DKIM-signed.  Unfortunately, as others
warned, this accomplishment solves nothing with respect to DMARC since the
Sender is not considered in the DKIM alignment wrt DMARC validity; only the
FROM header is.

I infer from my readings on the background to this that the salient point
respecting this curious choice appears to have been that the FROM header is
'seen' by the mail recipient but that the 'SENDER' is not.  If so then I am
not sure that I see the merit in confining DKIM alignment to the FROM header
when there are many legitimate reasons why the sender should differ.  In
addition to the ubiquitous and rather obvious mailing list issues that we are
confronted with, the matter of public webmail services comes to mind.

However that may be, it seems that we are constrained to wait on Red Hat to
provide an updated mailman to deal with this.  My attempts to repackage 2.1.18
as an rpm succeeded insofar as I can install a working version into RHEL6 via
yum.  The difficulty being that the mailman project is not FHS aligned and in
consequence either SELinux has to be disabled or a massive amount of patching
and relocating of files made to the original source files.  The resources that
the latter approach requires are beyond our slender capacity (me) to provide
and switching off SELinux on a host providing a public facing web portal is
not going to happen here.

Thank you for the help.  It is greatly appreciated.

-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:byrn...@harte-lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3
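
The alignment rule discussed in this message, as an added example that is not part of the original post: a DMARC-style DKIM alignment check that compares the signature's d= domain with the From header domain and never consults Sender. The sample message, its domains and the helper names are constructed; the organizational-domain function is a simplification (real DMARC uses the Public Suffix List), and the check assumes the signature itself has already verified.

```python
import email
from email.utils import parseaddr

# Constructed sample: a list post after the list host's MTA has DKIM-signed it.
SAMPLE = """\
From: Alice <alice@example.com>
Sender: announce-bounces@lists.example.org
To: announce@lists.example.org
Subject: test
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=lists.example.org;
 s=sel1; h=from:sender:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER

body
"""

def org_domain(domain):
    # Assumption: naive "last two labels"; real DMARC uses the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def dkim_d_domains(msg):
    """Return the d= tag of every DKIM-Signature header (folded headers included)."""
    out = []
    for value in msg.get_all("DKIM-Signature", []):
        for tag in value.split(";"):
            key, _, val = tag.partition("=")
            if key.strip() == "d":
                out.append(val.strip().lower())
    return out

def dkim_aligned(raw, strict=False):
    """True if any DKIM d= domain aligns with the From domain. Sender is never read."""
    msg = email.message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    for d in dkim_d_domains(msg):
        same = (d == from_domain) if strict else (org_domain(d) == org_domain(from_domain))
        if same:
            return True
    return False
```

On the sample, the signature domain matches the Sender domain but not the From domain, so the check fails in both relaxed and strict mode; it passes only when the From address itself is in the signing domain.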
