Quanah, > > One noteworthy missing feature is the DKIM signing service, which is > > a separate daemon process which is intended to provide the only access > > to DKIM signing keys, avoiding the need to have these files readable > > to UID under which amavisd is running. > > Does this include the ability to have amavis query DKIM signing keys > out of LDAP to provide a scalable solution?
Yes, the main purpose of having a separate signing service is to decouple LDAP access to private keys from the main amavisd daemon. I'd hate to see these keys accessible to a process running under UID of amavis or having a LDAP password/credentials in an amavisd config file. Making this possible involved cooperation from Jason Long, the author or Mail::DKIM module, for which I'm grateful. The client side code in amavisd is ready and is in -pre4, the signing service is in the works and is not included with -pre4. Mark ------------------------------------------------------------------------------ _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
