Sounds good. Thank you for the info.
From: amavis-users <[email protected]> On Behalf Of Savvas Karagiannidis Sent: Friday, January 21, 2022 11:43 To: [email protected] Subject: Re: Remove headers from Amavis Hello, You don't really have to remove the already existing DKIM signature headers, just as you do not remove any other headers from the email... It is normal for a message to have multiple DKIM signature as it hops between servers that sign it. According to RFC the message will be verified as long as any of the signatures is verified. Signatures that may be invalid are actually ignored in this case. https://datatracker.ietf.org/doc/html/rfc7489 : Note that a single email can contain multiple DKIM signatures, and it is considered to be a DMARC "pass" if any DKIM signature is aligned and verifies. It may not be directly relevant to your question, but just clarifying this... Regards, Savvas Karagiannidis On 21/1/2022 10:35, Miro Igov wrote: I am absolutely sure that amavis is the only process signing emails. If i disable amavis from signing $enable_dkim_signing = 0; in my /etc/amavis/conf.d/50-user config file i get only the original signature before reaching my mail server. Imagine [email protected] <mailto:[email protected]> sends to [email protected] <mailto:[email protected]> and [email protected] <mailto:[email protected]> is set to forward a copy of the email to [email protected] <mailto:[email protected]> In yahoo message i can see google dkim signature. I want google dkim stripped because it reports permfail as obviously message is altered in my amavis setup before forwarded to yahoo. -----Original Message----- From: TSHIMANGA Minkoka <mailto:[email protected]> <[email protected]> Sent: Friday, January 21, 2022 08:03 To: Miro Igov <mailto:[email protected]> <[email protected]>; [email protected] <mailto:[email protected]> Subject: Re: Remove headers from Amavis Hello, You can stop Amavis from DKIM signing emails by setting $enable_dkim_signing = 1; in /etc/amavis/amavis.conf I think that in your case another process (maybe OpenDKIM) is DKIM signing the email, so you should stop Amavis doing so to avoid double signing. Regards, Tshimanga -- This message has been sent as a part of discussion between PHARMYA and the addressee whose name is specified above. Should you receive this message by mistake, we would be most grateful if you informed us that the message has been sent to you. In this case, we also ask that you delete this message from your mailbox, and do not forward it or any part of it to anyone else. Thank you for your cooperation and understanding.
