[exim] RFC 8301: Cryptographic Algorithm and Key Usage Updat…

Góra strony
Delete this message
Reply to this message
Autor: Torsten Tributh
Data:  
Dla: Exim-users
Temat: [exim] RFC 8301: Cryptographic Algorithm and Key Usage Update to DomainKeys Identified Mail (DKIM)
Postmasters might be interested in the newly issued RFC:

https://www.rfc-editor.org/rfc/rfc8301.txt

To start following this RFC with
Section 3.1. Signing and Verification Algorithms


I started using the sample from:

https://www.exim.org/exim-html-current/doc/html/spec_html/ch-support_for_dkim_domainkeys_identified_mail.html

In my config now:

dmarc_history_file              = /somewhere/dmarc_history.txt


   warn    condition =    ${if eq {$dkim_algo}{rsa-sha1}}
    condition =    ${if eq {$dkim_verify_status}{pass}}
    logwrite =    NOTE: forcing dkim verify fail (was pass)
    set dkim_verify_status = fail
    set dkim_verify_reason = hash too weak


I guessed that after changing the dkim_verify_status the DMARC status
will also change and that later in the dmarc_history_file
will be some DKIM failed informations.

I would like to use the change of DKIM to fail and inform postmasters
about that with the generated DMARC reports, but i can't find any fail
in there.

Do I miss something?
Or is there a bug?




--
Torsten