Re: [exim-dev] Mailop list: exim and google fighting over DK…

Top Page
Delete this message
Reply to this message
Author: Brielle Bruns
Date:  
To: Exim-dev
Subject: Re: [exim-dev] Mailop list: exim and google fighting over DKIM
Heya, original cause of the havoc on mailop here!

I'll try and answer whatever questions I can. See below.


On 2019-04-29 19:06, Graeme Fowler wrote:> So *either* the
Debian-derived configuration (of which the original poster mentioned
they were using unaltered for DKIM purposes, inheriting defaults) does
something different to what is expected by defaukt, or Exim’s behaviour
changed somewhere after 4.86/4.87 (still trying to pinpoint that) but I
can’t see or replicate the issue.

Version: 4.92-2~bpo9+1

My configuration files are ancient. IIRC, I originally built them from
the debian config back around 2005 or 2006 (We've actually been using
exim since 2003). They got updated over the years as needed and include
a bunch of special stuff that is integrated with my DNSbl work.

So, the DKIM section is based on what I found in Debian's config. Under
the remote_smtp transport, I have the following:

dkim_domain = DKIM_DOMAIN
dkim_selector = DKIM_SELECTOR
dkim_private_key = DKIM_PRIVATE_KEY
dkim_canon = DKIM_CANON

Those variables are defined as:

DKIM_SELECTOR = default
DKIM_DOMAIN = ${sg{${lc:${domain:$h_from:}}}{^www\.}{}}
DKIM_FILE = /etc/exim4/dkim/${lc:${domain:$h_from:}}-private.pem
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
DKIM_CANON = relaxed


There's nothing else adding dkim headers in the config file.



>
> Puzzled, perplexed… and given that this has only just been raised, I’m even more puzzled by it. There must be receivers out there who have insanely strict validation policies who would have seen this before!


Let me know how I can be of help at all!

-- 
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org    /     http://www.ahbl.org