Jeremy Harris via Exim-users wrote:
> On 12/12/2022 09:21, Victor Sudakov via Exim-users wrote:
> > acl_check_dkim:
> > accept add_header = :at_start:${authresults {$primary_hostname}}
>
> It's generally better to use ${authresults } in the data ACL, so that it
> can pick up other results even when the message wasn't DKIM-signed.
> Also, the DKIM ACL can get called more than once (when there are multiple
> signatures in a message) which would, with the header added here,
> give you multiple results headers -
> and can *modify* the result for a signature (yours doesn't, obviously).
So I just leave acl_check_dkim with a single "accept" and move the
"add_header" to the data ACL? Or do I omit the acl_check_dkim
altogether?
--
Victor Sudakov VAS4-RIPE
http://vas.tomsk.ru/
2:5005/49@fidonet
