Mandi! Mike Tubby via Exim-users
In chel di` si favelave...
>> I'm used, in exim on debian stretch (4.89-2+deb9u7) add something like:
>>
>> DKIM_CANON = relaxed
>> DKIM_SELECTOR = 2020
>> DKIM_DOMAIN = ${lc:${domain:$h_from:}}
>> DKIM_PRIVATE_KEY = ${if exists{/etc/exim4/dkim/DKIM_DOMAIN-DKIM_SELECTOR-private.pem}{/etc/exim4/dkim/DKIM_DOMAIN-DKIM_SELECTOR-private.pem}{0}}
>>
>> to enable DKIM for selected 'from' addresses in my servers, using predefined
>> '.ifdef' in predefined debian transports.
>
> I think you can say:
> DKIM_SELECTOR = "2020"
> DKIM_PRIVATE_KEY = /etc/exim4/dkim/DKIM_DOMAIN-DKIM_SELECTOR-private.pem
> and Exim's business logic will get it correct, i.e. if it finds a key it
> will sign with it otherwise it wont attempt to sign. The other thing is
> that your key needs to be readable by whatever UID/GID Exim is running as.
Seems true. Inserting simply:
DKIM_CANON = relaxed
DKIM_SELECTOR = 2020
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_PRIVATE_KEY = /etc/exim4/dkim/DKIM_DOMAIN-DKIM_SELECTOR-private.pem
now DKIM signatures get added, and so filenames are correct, as name and
permission, but now i got in paniclog:
2020-07-08 00:50:52 1jswQN-0006Ml-18 unable to open file for reading: /etc/exim4/dkim/linux.it-2020-private.pem
where clearly 'linux.it' is for every non-local domains (better: for every
domain that doesnt have a DKIM key; i have a mailing list server on that
server, so also: for every user of one mailing lists that does not have a
DMARC strict policy ;).
So, i'm back with my original question. Why a macro:
DKIM_PRIVATE_KEY = ${if exists{/etc/exim4/dkim/DKIM_DOMAIN-DKIM_SELECTOR-private.pem}{/etc/exim4/dkim/DKIM_DOMAIN-DKIM_SELECTOR-private.pem}{0}}
that worked perfectly before stretch, now does not work anymore?
And also:
>> How can i debug trasport?! ;-)
Thanks.
--
Si dice che se fai girare un cd di installazione di Windows al contrario
nel lettore cd si sentono messaggi satanici. Questo è niente: fallo
andare nel verso giusto e installa Windows! (?)
