[exim] Re: Message ID in envelopes with multiple recipients

Góra strony
Delete this message
Reply to this message
Autor: Slavko
Data:  
Dla: exim-users
Temat: [exim] Re: Message ID in envelopes with multiple recipients
Ahoj,

Dňa Sat, 9 Mar 2024 15:38:43 +0000 Jeremy Harris via Exim-users
<exim-users@???> napísal:

> However, the text of the headers (and body) of the message used as
> input for the various hashes and signatures of the DKIM signing *is*
> the output of any transport filter (this adds significant coding and


I will leave transport_filter out, as i agree with you, that using
headers_rewrite is much better and straightforward for this.

> cpu overhead, as it happens). The documentation for this is the
> source-code, for anybody caring that much.


Reading of source code is not as easy for someone who don't speak C...

> These facilities are applied before any transport filter, and hence
> before the dkim signing operation. I am reasonably sure that a
> rewrite will be visible in $h_* expansion syntax used in dkim signing
> option. However, the result of adds and removes will not be
> (sigh. That should probably be fixed).


I did test which confirms my early tests (stock debian stable):

    Exim version 4.96 #2 built 01-Jan-2024 16:58:00


I setup in transport (beside others):

    headers_rewrite       = *@mailt.internal $1@real frs
    ...
    dkim_domain           = ${acl{dkim_dom}}
    dkim_private_key      = ${acl{dkim_key}}
    dkim_selector         = default


I defined ACLs for that, to log values:

    dkim_dom:
      accept        logwrite    = DKIMrw: from_domain ${domain:$rh_from:}
                    message     = ${domain:$rh_from:}


    dkim_key:
      accept        logwrite    = DKIMrw: dkim_domain $dkim_domain


And sending test message (via stdin) results in logs:

    1rjGgs-000eYe-0U <= root@??? U=root P=local S=418
    1rjGgs-000eYe-0U DKIMrw: from_domain mailt.internal
    1rjGgs-000eYe-0U DKIMrw: dkim_domain mailt.internal
    1rjGgs-000eYe-0U => my@real ...


I didn't setup key for this test, thus signing doesn't happen, but
from log one can see that from_domain & dkim_domain has value before
rewrite (received message has rewritten values).

regards

--
Slavko
https://www.slavino.sk

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/