On Sat, 2014-10-11 at 19:47 +0100, Jeremy Harris wrote:
> On 11/10/14 17:18, Mark Elkins wrote:
> > dkim_private_key = /etc/exim/dkim.private.key
> >
> > I think an error message of "dkim_private_key not found - please specify
> > the full pathname" would have been more helpful than "signing failed".
>
> As the docs say:
>
> http://www.exim.org/exim-html-current/doc/html/spec_html/ch-support_for_dkim_domainkeys_identified_mail.html
>
> the value of the dkim_private_key option is taken as a
> filename if it starts with a "/". If is doesn't, and
> isn't null (or a synonym) it is take to be the actual
> key.
Ouch... didn't take that in with my initial reading.
Well - that greatly weakens my argument. Need to vent my wasted hour on
someone though.. ;-)
The Armoured Key itself can have the '/' character. I presume this can
never be the first character? It can't have a '.' (dot) or '-' (dash)
though - so if these chars exist - its probably someone like me - doing
the wrong thing. So (apart from case 3, Zero or Null) if the Key doesn't
validate as a Key (Ascii into binary) - perhaps the error should read:
"dkim_private_key: Invalid ASCII armoured Key, Is this a filename?
Filenames always have a leading '/'"
Would this not help those who add a syntactically incorrect Armoured
Key?
--
Mark James ELKINS - Posix Systems - (South) Africa
mje@??? Tel: +27.128070590 Cell: +27.826010496
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za