Am 21.12.25 um 00:31 schrieb Bill Cole:
SA knows nothing about Amavis and its configuration. SA can only process what
it is given.
On 21.12.25 12:52, A.Schulze via users wrote:
Thomas Barth run a OpenDKIM verifier before checking the message with amavis.
SA try again to verify the same DKIM signatures. This waste resources and fail
by design for messages larger then Amavis' $sa_mail_body_size_limit
OpenDKIM write A-R header conforming to RFC 7601 [1]
Such header contain an Authentication Identifier (mx1.example.de in Thomas'
case, see [2] for definition).
OpenDKIM remove all existing A-R header with OpenDKIM's own Authentication
Identifier [3]
But every admin should verify that before apply any trust to them...
Said that, my question:
Is there a way to configure SA to not check DKIM signatures itself again but
parse an existing A-R header from a given Authentication Identifier?
SA does have AuthRes plugin that parses the A-R headers.
So far it does not replace builtin DKIM validation.
Hoever, amavis supports DKIM validation, perhaps it could be configured to
replace the one in SA.
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Due to unexpected conditions Windows 2000 will be released
in first quarter of year 1901
