[exim] Domainkey support lacking a little

Top Page
Delete this message
Reply to this message
Author: Peter Carah
Date:  
To: exim-users
Subject: [exim] Domainkey support lacking a little
One of the outcomes that is needed is to be able to treat "no signature" as a
bad signature error if the domain has a key and the message has no domainkey
headers. This is supposed to be the main point of domainkeys in the first
place. This could be detected by looking for DK_FLAG_SET and no signature,
since I note by the comments (and looking in the library) that non-participant
isn't an explicit outcome of the library (but such a domain would lack
DK_FLAG_SET).

Admittedly if o=~ this isn't a "terrible" error, but "no signature" has
different meaning for domains with no _domainkey resources at all; it shouldn't
even be logged in that event, but if a domain has *any* domainkey info then one
would want to log "no signature". DK_FLAG_SET would be one way to detect this.

-- Pete