Your message dated Sat, 15 Mar 2025 13:22:00 +0100 with message-id <[email protected]> and subject line Re: Bug#625782: exim4-config: dkim should not try sign when forwarding has caused the Debian Bug report #625782, regarding exim4-config: dkim should not try sign when forwarding to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 625782: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625782 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: exim4-config Version: 4.72-6 Severity: normal I have dkim signing enabled using the debian DKIM_* macros. When mail is forwarded using .forward, exim still tries to look up a key for the domain. When it fails, it logs a warning that goes both to mainlog and paniclog. (I think the latter is a separate issue, bug 567876.) I can't immediately figure out how to disable signing for forwarded messages. If you can give me a hint as to how I might accomplish this, I'll try to work it out. It seems like this should be the default, since forwarded mails are not generally from a domain I control, and they should have already been signed upstream. Andrew -- Package-specific info: Exim version 4.72 #1 built 31-Jan-2011 19:18:05 Copyright (c) University of Cambridge, 1995 - 2007 Berkeley DB: Berkeley DB 4.8.30: (April 9, 2010) Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch nis nis0 passwd Authenticators: cram_md5 plaintext Routers: accept dnslookup ipliteral manualroute queryprogram redirect Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp Fixed never_users: 0 Size of off_t: 8 GnuTLS compile-time version: 2.8.6 GnuTLS runtime version: 2.8.6 Configuration file is /var/lib/exim4/config.autogenerated # /etc/exim4/update-exim4.conf.conf # # Edit this file and /etc/mailname by hand and execute update-exim4.conf # yourself or use 'dpkg-reconfigure exim4-config' # # Please note that this is _not_ a dpkg-conffile and that automatic changes # to this file might happen. The code handling this will honor your local # changes, so this is usually fine, but will break local schemes that mess # around with multiple versions of the file. # # update-exim4.conf uses this file to determine variable values to replace # the DEBCONFsomethingDEBCONF strings in the configuration template files. # # Most settings found in here do have corresponding questions in the # Debconf configuration, but not all of them. # # This is a Debian specific file dc_eximconfig_configtype='internet' dc_other_hostnames='pimlott.net;madstop.net' dc_local_interfaces='' dc_readhost='' dc_relay_domains='' dc_minimaldns='false' dc_relay_nets='' dc_smarthost='' CFILEMODE='644' dc_use_split_config='true' dc_hide_mailname='' dc_mailname_in_oh='true' dc_localdelivery='mail_spool' mailname:pimlott.net -- System Information: Debian Release: 6.0.1 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.30.5-xenU (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages exim4-config depends on: ii adduser 3.112+nmu2 add and remove users and groups ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management sy exim4-config recommends no packages. exim4-config suggests no packages. -- Configuration Files: /etc/exim4/conf.d/auth/30_exim4-config_examples changed: plain_server: driver = plaintext public_name = PLAIN server_condition = "${if crypteq{$auth3}{${extract{1}{:}{${lookup{$auth2}lsearch{CONFDIR/passwd}{$value}{*:*}}}}}{1}{0}}" server_set_id = $auth2 server_prompts = : .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}} .endif cram_md5: driver = cram_md5 public_name = CRAM-MD5 client_name = ${extract{1}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}} client_secret = ${extract{2}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}} PASSWDLINE=${sg{\ ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}\ }\ {\\N[\\^]\\N}\ {^^}\ } plain: driver = plaintext public_name = PLAIN .ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS client_send = "<; ${if !eq{$tls_cipher}{}\ {^${extract{1}{:}{PASSWDLINE}}\ ^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}\ }fail}" .else client_send = "<; ^${extract{1}{:}{PASSWDLINE}}\ ^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}" .endif login: driver = plaintext public_name = LOGIN .ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS # Return empty string if not non-TLS AND looking up $host in passwd-file # yields a non-empty string; fail otherwise. client_send = "<; ${if and{\ {!eq{$tls_cipher}{}}\ {!eq{PASSWDLINE}{}}\ }\ {}fail}\ ; ${extract{1}{::}{PASSWDLINE}}\ ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}" .else # Return empty string if looking up $host in passwd-file yields a # non-empty string; fail otherwise. client_send = "<; ${if !eq{PASSWDLINE}{}\ {}fail}\ ; ${extract{1}{::}{PASSWDLINE}}\ ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}" .endif /etc/exim4/passwd.client [Errno 13] Permission denied: u'/etc/exim4/passwd.client' -- debconf information: * exim4/dc_other_hostnames: pimlott.net;madstop.net * exim4/dc_eximconfig_configtype: internet site; mail is sent and received directly using SMTP exim4/dc_noalias_regenerate: false exim4/no_config: true exim4/hide_mailname: * exim4/dc_postmaster: andrew exim4/dc_smarthost: * exim4/dc_relay_domains: * exim4/dc_relay_nets: * exim4/mailname: pimlott.net exim4/dc_readhost: * exim4/use_split_config: true exim4/exim4-config-title: * exim4/dc_localdelivery: mbox format in /var/mail/ * exim4/dc_local_interfaces: * exim4/dc_minimaldns: false
--- End Message ---
--- Begin Message ---On 2011-05-05 Andrew Pimlott <[email protected]> wrote: > Package: exim4-config > Version: 4.72-6 > Severity: normal > I have dkim signing enabled using the debian DKIM_* macros. When mail > is forwarded using .forward, exim still tries to look up a key for the > domain. When it fails, it logs a warning that goes both to mainlog and > paniclog. (I think the latter is a separate issue, bug 567876.) > I can't immediately figure out how to disable signing for forwarded > messages. If you can give me a hint as to how I might accomplish this, > I'll try to work it out. It seems like this should be the default, > since forwarded mails are not generally from a domain I control, and > they should have already been signed upstream. [...] I think the correct way to do this is not to selectively disable DKIM but to use SRS. old-school forwarding seems to be untenable nowadays. cu Andreas
--- End Message ---
