Hi, all -
I'm sure I must be missing something obvious, but it's defeating me…
I'm experimenting on a test server, trying to add DKIM signing to messages
going out through a transport named remote_smtp_dkim. That transport looks
like this:
remote_smtp_dkim:
driver = smtp
dkim_domain = york.ac.uk
dkim_selector = 20160118
debug_print = remote_smtp_dkim : '$dkim_domain' : '$dkim_selector'
: '/etc/exim4/dkim/$dkim_domain-$dkim_selector.pem'
dkim_private_key = ${if
exists{/etc/exim4/dkim/$dkim_domain-$dkim_selector.pem} \
{/etc/exim4/dkim/$dkim_domain-$dkim_selector.pem}}
dkim_canon = relaxed
dkim_strict = false
(It'll get fancier over time; I'm just trying to get even one message
signed to start with!)
Sending a message through does not sign it. (And yes, my routers call this
transport! :-)
Running Exim in Debug mode (with "-d -bd" on the command line) and using
telnet to construct a message through it shows this logging, which includes
the output from the debug_print directive…
25638 >>>>>>>>>>>>>>>> Remote deliveries >>>>>>>>>>>>>>>>
25638 --------> testaddress@??? <--------
25638 search_tidyup called
25638 set_process_info: 25638 delivering 1aLZr4-0006fR-7X: waiting for a
remote delivery subprocess to finish
25638 selecting on subprocess pipes
25640 changed uid/gid: remote delivery to testaddress@??? with
transport=remote_smtp_dkim
25640 uid=110 gid=118 pid=25640
25640 auxiliary group list: <none>
25640 set_process_info: 25640 delivering 1aLZr4-0006fR-7X using
remote_smtp_dkim
25640 remote_smtp_dkim : '' : '' : '/etc/exim4/dkim/-.pem'
25640 remote_smtp_dkim transport entered
…
Note that where I use debug_print to output the values of $dkim_domain and
$dkim_selector I'm getting empty strings which, coupled with the resulting
non-existent filename, leads to the message not being signed.
But the Exim Specification says for the dkim_domain and dkim_selector
directives…
Signing is implemented by setting private options on the SMTP transport.
These options take (expandable) strings as arguments.
dkim_domain
MANDATORY: The domain you want to sign with. The result of this expanded
option is put into the $dkim_domain expansion variable.
dkim_selector
MANDATORY: This sets the key selector string. You can use the
$dkim_domain expansion
variable to look up a matching selector. The result is put in the expansion
variable $dkim_selector which should be used in the dkim_private_key option
along with $dkim_domain.
>From which I'm expecting the values I set using the options within the
remote_smtp_dkim transport to be available within the matching variables.
But they're not!
What am I missing?
Cheers,
Mike B-)
--
Systems Administrator & Change Manager
IT Services, University of York, Heslington, York YO10 5DD, UK
Tel: +44-(0)1904-323811
Web:
www.york.ac.uk/it-services
Disclaimer:
www.york.ac.uk/docs/disclaimer/email.htm
