At 12:32 28-09-2006, Henrik Ostergaard wrote:
This sounds promissing! But I have distributed, moving users and therefore
uses pop-before-smtp for authentication, which means that my IP list is in a
hash table, which is not in CIDR format. :-(
dk-filter and dkim-filter support pop-before-smtp.
Henrik,
My users ARE identifyied by either locally trusted IPS or pop-before-smtp,
i.e. thery end up in mynetworks, but they are STILL verified by the
incoming filter.. And I'm using your suggested setup very strictly..?!
As far as I can see, the incoming milter(s) DOES get invoked for ALL
Thanks for a splendid howto!
I do however have a small problem:
My usesrs submit their messages for relaying on port 25 like normal incoming
messages - meaning that they will be verified before they are signed,
causing the verification to fail. If I set up the DNS record to enforce
signing, this
On 9/28/06, Henrik Ostergaard [EMAIL PROTECTED] wrote:
My usesrs submit their messages for relaying on port 25 like normal incoming
messages - meaning that they will be verified before they are signed,
The same dk-filter command usually provides both signing and
verification, deciding which to
Noel Jones wrote:
# dk-filter -H -S mailgate -M {auth_author} -o Received -s
/var/db/certificates/domainkey.private -d example.com -i
/var/db/domainkey.clients -u milter -l -p inet:[EMAIL PROTECTED]
and the /var/db/domainkey.clients file is a list of networks that
should be signed, in
On 9/28/06, Henrik Ostergaard [EMAIL PROTECTED] wrote:
This sounds promissing! But I have distributed, moving users and therefore
uses pop-before-smtp for authentication, which means that my IP list is in a
hash table, which is not in CIDR format. :-(
Your best choice is to set up SASL
Henrik,
I do however have a small problem:
My usesrs submit their messages for relaying on port 25 like normal
incoming messages - meaning that they will be verified before they are
signed, causing the verification to fail.
No, if you follow my setup. Mail from mynetworks and from
On Sun, September 17, 2006 21:48, SM wrote:
At 04:32 17-09-2006, Benny Pedersen wrote:
how does one do signing multible domains ?
man 8 dk-filter says to make a internal domain file and add this as -i
internal.file
You can use the -d parameter ( -d example.com,example.net) or
thanks that
now i wait to dkim commes on gentoo
Btw, dkim-milter 0.5.2 just came out
http://sourceforge.net/projects/dkim-milter/
It fixes:
- compatibility with Postfix milter environment;
- verifies that the body hash in a signature matches the actual body hash;
- fixes relaxed body canonicalization of
On Tue, September 12, 2006 16:59, Mark Martinec wrote:
I'm finishing up writing what I have learned in the last
couple of weeks on setting up a DKIM/DK signing/verifying
thanks Mark
how does one do signing multible domains ?
man 8 dk-filter says to make a internal domain file and add this as
On Tue, September 12, 2006 16:59, Mark Martinec wrote:
I'm finishing up writing what I have learned in the last
couple of weeks on setting up a DKIM/DK signing/verifying
sorry i need to know more:
# Local config options needing unique settings
MTA_NAMES=local
At 04:32 17-09-2006, Benny Pedersen wrote:
how does one do signing multible domains ?
man 8 dk-filter says to make a internal domain file and add this as -i
internal.file
You can use the -d parameter ( -d example.com,example.net) or
but can domains still have same domain keys or is one
SM, and others:
Both milters are being maintained and are similar in reliability.
dk-milter is not fading in oblivion as there are more domains signing
with DomainKeys than DKIM.
Usage of dk-milter may not be fading, but the interest in fixing standing bugs
seems to be lost (contrary to
Good article -- and thanks for posting it!
For what it's worth, I think it's likely that DomainKeys will be around
for quite a while yet, with plenty of inertia regarding switching to DKIM;
but currently the text makes it sound like DK is already obsolete. It
might be worth de-emphasising that.
Hi Mark,
At 07:59 12-09-2006, Mark Martinec wrote:
At the time of this writing it appears the dkim-milter is more reliable
and better maintained than dk-milter, which is slowly fading into
oblivion. Similar holds true in the world of Perl modules: there are
Both milters are being maintained
15 matches
Mail list logo
