Postmasters might be interested in the newly issued RFC:
https://www.rfc-editor.org/rfc/rfc8301.txt
To start following this RFC with
Section 3.1. Signing and Verification Algorithms
I started using the sample from:
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-support_for_dkim_domainkeys_identified_mail.html
In my config now:
dmarc_history_file = /somewhere/dmarc_history.txt
warn condition = ${if eq {$dkim_algo}{rsa-sha1}}
condition = ${if eq {$dkim_verify_status}{pass}}
logwrite = NOTE: forcing dkim verify fail (was pass)
set dkim_verify_status = fail
set dkim_verify_reason = hash too weak
I guessed that after changing the dkim_verify_status the DMARC status
will also change and that later in the dmarc_history_file
will be some DKIM failed informations.
I would like to use the change of DKIM to fail and inform postmasters
about that with the generated DMARC reports, but i can't find any fail
in there.
Do I miss something?
Or is there a bug?
--
Torsten
