Re: [exim] DKMI signing in EXIM

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Robert Blayzor
Date:  
À: dhanushka ranasinghe
CC: exim-users
Sujet: Re: [exim] DKMI signing in EXIM
On Mar 6, 2013, at 2:11 PM, dhanushka ranasinghe <parakrama1282@???> wrote:
> i added the following lines to end of the file ,
>
> dkim_domain = example.com
> dkim_selector = email
> dkim_private_key = /etc/exim4/dkim.private.key
> dkim_canon = relaxed
>
> but when i tested , mail servers signing all the messages that going via it
>
>
> Is there any config changes that i need to make this work ?



The best way I've found to do this is by adding a topmost router, something like:

dkim_routed:
driver = dnslookup
domains = !+local_domains
transport = remote_dkim
condition = ${lookup{${lc:$sender_address_domain}}dsearch{/etc/exim/dkim}{yes}{no}}
more = false


and a transport:

remote_dkim:
driver = smtp
dkim_domain = $sender_address_domain
dkim_private_key = /etc/exim/dkim/${lc:$sender_address_domain}
dkim_selector = email
dkim_canon = relaxed
dkim_strict = 0



Then you can place keys for ONLY domains you want to sign in /etc/exim/dkim


ie: /etc/exim/dkim/example.com


And example.com would have the signing key you want to use.


Then it will only sign mails for those domains you have keys for.


--
Robert Blayzor
INOC, LLC
rblayzor@???
http://www.inoc.net/~rblayzor/