Josh,
> How do you configure amavisd-new to sign the envelope_sender?
> Is this by using the d= flag to force the domain used?
Yes, this is currently the only way, by using
the @dkim_signature_options_bysender_maps.
Note that @dkim_signature_options_bysender_maps can be
replaced by a policy bank, so you are not necessarily stuck
with a single forced domain. But I agree this becomes
impractical with hundreds of signing keys to be forced.
> I set the sender as an email address that will bring the bounced
> mail back to a very specific mail box for un-subscribe processing and
> the email header from address as the person who should receive the mail
> should the recipient intend to reply.
> When automated processes send mail on behalf of the users then the
> envelope_sender is different from the from: so that the user is
> automatically un-subscribed if the mail bounces so that the user does
> not have to see this (although the user will know that the bounce
> occurred as the email account will show as undeliverable).
If it is only this automated process (e.g. a mailing list manager)
that needs to force a use of a particular signing domain, then
the approach with a @dkim_signature_options_bysender_maps in
a policy bank loaded for these automated messages is perhaps
the right solution, as long as there is only a small number
of such signing keys in use.
$policy_bank{'FORCE_SIGNING_DOMAIN'} = {
dkim_signature_options_bysender_maps => [
{ '.' => { d => 'example.com' }, }
],
};
On the other hand, in the absence of a signing key for an author's
domain, amavisd falls back to trying to find a signing key for
a Sender header field or to a signing key for an envelope sender
address. Your problem only arises when there are signing keys both
for the author domain and for the envelope sender domain, in which
case the author's domain key is chosen, contrary to your desire.
I don't currently have a good solution, apart from the above.
Mark
------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
