Re: [exim] ''multidomain'' DKIM: sender or from?

Top Page
Delete this message
Reply to this message
Author: Ian Zimmerman
Date:  
To: exim-users
Subject: Re: [exim] ''multidomain'' DKIM: sender or from?
On 2017-01-24 14:34, Marco Gaiarin wrote:

> I'm testing DKIM implementation in my exim server, and looking out
> google point me here:
>
>     https://debian-administration.org/article/718/
>   DKIM-signing_outgoing_mail_with_exim4

>
> for multidomain setup (i'm interested in) the author proposed:
>
>     DKIM_DOMAIN = ${lc:${domain:$h_from:}}

>
> but i think it is better to use the sender, eg do:
>
>     DKIM_DOMAIN = ${lc:${domain:$sender_address}}

>
> or not? reading https://www.ietf.org/rfc/rfc4871.txt, point 5.5, seems
> that From: is a signed header while the sender (Return-Path:) not.


The Return-Path header doesn't exist on outgoing messages.

exim inserts it (optionally) when delivering to local addresses, so as
to give the delivery agent information about the envelope sender.

AFAIK DKIM doesn't intersect with the envelope at all. That doesn't
mean you cannot sign for the envelope domain of course - you can choose
any domain you control :-)

--
Please *no* private Cc: on mailing lists and newsgroups
Personal signed mail: please _encrypt_ and sign
Don't clear-text sign: http://cr.yp.to/smtp/8bitmime.html