On Sun, Feb 23, 2014 at 9:49 AM, Jason W. <jwellband@???> wrote: > Just got around to implementing whitelisting based on DKIM signer and I
> originally was brain-dead enough to try this in the RCPT ACL. Of course,
> once the light bulb clicked on, I realized I needed it in the DATA ACL to
> actually get the DKIM signature Duhh... ;)
We've all done it. That light bulb is the learning process that will
mean even more to you later than it does now when you apply better
consideration of WHEN things are visible in an smtp conversation, not
just what it should be.
> My question is that in the log (main & reject), I saw this:
>
> 2014-02-23 12:32:16 H=mta-34db.livingsocial.com [199.91.52.219] F=<
> replies@???> temporarily rejected RCPT <x@???>: cannot
> test dkim_status condition in RCPT ACL
>
> Originally, I thought that this was a problem with livingsocial.com and not
> my sever. I was expecting any config problems to show up in the panic log.
> Is this assumption correct?
The panic log is for when things are completely and unconditionally
dying and preventing any kind of operation (mail transfer). Your
error is less severe, in that the mail can be transferred, and it
notes the error in the ACL.
That's the way I interpreted it. I look forward to seeing if anybody
interprets it differently.
...Todd
--
The total budget at all receivers for solving senders' problems is $0.
If you want them to accept your mail and manage it the way you want,
send it the way the spec says to. --John Levine