Hi all,
I fully intended to make the /etc/tcprules.d/tcp.smtp entry to properly
sign relayed mail, allowed by SMTPD-AUTH.
The entries placed in tcp.smtp look like this (without the "\"s):
~~~
127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private"
:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",\
CHKUSER_WRONGRCPTLIMIT="10",\
DKVERIFY="DEGIJKfh",\
QMAILQUEUE="/var/qmail/bin/simscan",\
DKQUEUE="/var/qmail/bin/qmail-queue.orig"
~~~
It should have looked like this (again without the "\"s) to allow :
~~~
127.:allow,RELAYCLIENT=""
:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",\
CHKUSER_WRONGRCPTLIMIT="10",\
DKVERIFY="DEGIJKfh",\
QMAILQUEUE="/var/qmail/bin/simscan",\
DKQUEUE="/var/qmail/bin/qmail-queue.orig",\
DKSIGN="/var/qmail/control/domainkeys/%/private"
~~~
NOTICE: The DKSIGN="/var/qmail/control/domainkeys/%/private" should be the
last entry in the ":allow" line instead of being the last entry in the
"127.:allow" line.
If you have other rules that require domainkey signing, make the DKSIGN
entry for them also to properly set the enviroment.
Regards,
Nick
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
