Florian, > > - a mail is received, existing DKIM signatures are verified, and > > the Authentication-Results is added if a recipient address is local; > > I guess that is determined according to local_domains_acl?
Yes. (or better: according to @local_domains_maps) > > if there were any pre-existing Authentication-Results header fields > > in a message claiming to be from your domain, they are deleted > > How is "your domain" identified in this case? Based on the instance > that added Authentication-Results, or based on the DKIM signature, or > based on the sender? Based on 'authserv-id' (RFC 5451 Section 2.3) found in an existing Authentication-Results header field - matching the $myauthservid as locally configured (being used in adding new A-R header fields). (actually the parsing is sloppy (errs on the safe side): if that string is found anywhere in the A-R header field, the field is removed) The 'authserv-id' is not related to domain names in signatures. The $myauthservid defaults to $myhostname in all versions up to and including 2.7.0-pre12. With -pre13 it will be possible to configure it separately, using a variable $myauthservid, with a fallback default to $myhostname. Mark ------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user Please visit http://www.ijs.si/software/amavisd/ regularly For administrativa requests please send email to rainer at openantivirus dot org
