Re: [exim] Unsigned messages from DKIM domains

On 10/01/17 13:21, Ivo Truxa wrote:
> It means that for bypassing the DKIM checks of Exim, all an abuser needs to do, is sending an email without any DKIM at all. Unless
> SPF, DMARC or an external program like SpamAssassin help, the message will be accepted.
>
> I assume that such functionality will be added sooner or later to DKIM in Exim, but I needed it now, so I wrote a simple Perl
> script, and call it from the DKIM ACL.

The DKIM ACL is called once for each DKIM sig in the headers of a
message. If there isn't one, it won't be called. You'd need to
be making this check in your data ACL instead.

Also, you can very likely duplicate all the tests you wish to do
using native Exim facilities; no need for perl.
--
Cheers,
Jeremy