https://bugs.exim.org/show_bug.cgi?id=3062
Bug ID: 3062
Summary: wishlist: please add logging related to dkim signing
Product: Exim
Version: 4.98
Hardware: All
OS: All
Status: NEW
Severity: wishlist
Priority: medium
Component: DKIM
Assignee: tom@???
Reporter: arekm@???
CC: exim-dev@???
This feature request is about adding logging of DKIM signing details.
Rationale: DKIM signing supports dynamic expansions of variables which allow to
sign various things based on some external configuration.
Unfortunately such signing happens silently. Nothing is logged in logs. There
is no way to figure out if mail was signed, what was used in signing etc.
Perhaps new dkim log selector could be used. Which domain, dkim selector,
canonicalization, strictness, timestamp etc was used could be logged then, if
signing was done.
Current workaround is not that nice and requires a bit of ugliness to log every
option that was used:
begin acl
acl_logme:
# acl_arg1 = what to return
# acl_arg2 = message
accept
condition = ${if eq{$acl_arg1}{}{true}{}}
message = $acl_arg1
accept
logwrite = LOGWRITE: $acl_arg2: $acl_arg1
message = $acl_arg1
and in transport
# common dkim options for transports
dkim_domain = ${acl {acl_logme}{...
DKIM_FROM_DOMAIN... \
}}{DKIM signing for domain}}
dkim_private_key = /etc/mail/dkim-key.pem
dkim_selector = DKIM_SELECTOR
dkim_hash = sha256
dkim_canon = relaxed
dkim_timestamps = 1209600 # 2 weeks
dkim_strict = 1
(+ same ${acl {acl_logme} hack for each option logging)
--
You are receiving this mail because:
You are on the CC list for the bug.
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-dev-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
