On 05/12/2022 05:46, Victor Sudakov via Exim-users wrote:
> Can you give me an address to send a test mail to on one of your
> Debian receivers?
I cannot; that was an internal-only test VM, not internet-facing.
>> The body-hash differing implies, I think, that the signature algorithm isn't
>> involved. I was using sha256; what's yours?
>
> Hmm, how do I figure out? Below is the complete sender configuration,
> without hiding anything:
>
> remote_smtp:
> driver = smtp
> message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
> dkim_domain = library.tomsk.ru
> dkim_selector = 20221203
> dkim_private_key = /usr/local/etc/exim/dkim/library.tomsk.ru-private.pem
> dkim_canon = relaxed
> dkim_sign_headers = Date:From:To:Subject:Message-Id:In-Reply-To
>
> I think it's using some exim default algorithm.
As the docs say, the default for dkim_hash is sha256.
> What should I add to acl_smtp_dkim to enable debugging?
In ACL for (DATA-or-earlier) - not the DKIM ACL -
warn
( any conditions preferred to limit what gets debugged,
eg. hosts = my.test.source.ip )
control = debug/tag=.dkimtest/opts=+all
--
Cheers,
Jeremy
