Hi!
> On 14/08/2024 14:31, Kurt Jaeger via Exim-users wrote:
> > The problem is that the autoreply driver looses the information
> > on which sender is used to send out the mail (envelope-from is <>
> > to avoid mail-loops).
>
> More to the point, there *is no* sender.
I understand, this avoids mail-loops. But the auto-reply
has the correct Mail-From (!), so it has the correct info somewhere ?
> It is your choice what to use for a domain for signing with
> (assuming you have keys...). The "main" domain for the
> operator of the MTA might be a good one.
Our setup has individual keys per domain on the same host.
So: user1@domain1 has an autoreply, and the autoreply
should be signed with dkim for domain1.
user2@domain2 has an autoreply, and that autoreply
should be signed with dkim for domain2.
The mail-from is correct in those cases (!), but autoreply
has no way to know which one is used...
Interestingly:
https://stackoverflow.com/questions/50371039/does-dkim-verify-smtp-envelope-from-or-the-mail-header-from
points to
https://en.wikipedia.org/wiki/DMARC#Alignment
which says: DMARC checks Mail-From. In the above case
that would not work, as autoreply has the correct Mail-From,
but the envelope-from is <>.
That why I think that the autoreply method should have some
way to find the domain from the mail-from. I can try to parse
it from the autogenerated mail, but this looks complicated.
--
pi@??? +49 171 3101372 Now what ?
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/