On Mar 6, 2013, at 2:11 PM, dhanushka ranasinghe <parakrama1282@???> wrote:
> i added the following lines to end of the file ,
>
> dkim_domain = example.com
> dkim_selector = email
> dkim_private_key = /etc/exim4/dkim.private.key
> dkim_canon = relaxed
>
> but when i tested , mail servers signing all the messages that going via it
>
>
> Is there any config changes that i need to make this work ?
The best way I've found to do this is by adding a topmost router, something like:
dkim_routed:
driver = dnslookup
domains = !+local_domains
transport = remote_dkim
condition = ${lookup{${lc:$sender_address_domain}}dsearch{/etc/exim/dkim}{yes}{no}}
more = false
and a transport:
remote_dkim:
driver = smtp
dkim_domain = $sender_address_domain
dkim_private_key = /etc/exim/dkim/${lc:$sender_address_domain}
dkim_selector = email
dkim_canon = relaxed
dkim_strict = 0
Then you can place keys for ONLY domains you want to sign in /etc/exim/dkim
ie: /etc/exim/dkim/example.com
And example.com would have the signing key you want to use.
Then it will only sign mails for those domains you have keys for.
--
Robert Blayzor
INOC, LLC
rblayzor@???
http://www.inoc.net/~rblayzor/