Hi Murray,
Yes creating a symlink for the private key to point to the selector is too
complicated for admins at other site to maintain.
Not sure if you have a feature request list? I like to add a feature that
the selector name can be independent of the private key name for dkim
signing of the dkim.conf file.
Thank you.
On 8/21/07, Murray S. Kucherawy <[EMAIL PROTECTED]> wrote:
>
> On Tue, 21 Aug 2007, Janet N wrote:
> > The problem is my organization uses a selector name that get auto
> > generated and it's name are different than the private key name. How do
> > I get around this, can I use a KeyFile to achieved what I want?
>
> As you stated, the KeyList entries are of this form:
>
> sender-pattern:signing-domain:keypath
>
> ...and the selector used when that match hits is the filename portion of
> "keypath".
>
> Therefore, if you want a different selector name than the filename of the
> key, the easiest thing I can think of is a symbolic link. To use your
> specific example:
>
> > Domain example.com,test.com,shrek.com
> > KeyFile /etc/mail/keys/private.pem
> > Selector 5982340
>
> You could:
>
> cd /etc/mail/keys
> ln -s private.pem 5982340
>
> ...and then have a KeyList of:
>
> [EMAIL PROTECTED]:example.com:/etc/mail/keys/5982340
> [EMAIL PROTECTED]:test.com:/etc/mail/keys/5982340
> [EMAIL PROTECTED]:shrek.com:/etc/mail/keys/5982340
>
> This would sign all mail whose sender matches any of the sender-patterns
> with a "d=" matching the sender's domain, use "s=5982340" for the
> selector, and use the private key stored in /etc/mail/keys/5982340 (which
> is a symlink to /etc/mail/keys/private.pem).
>
> If this is too complicated or impractical for your environment, feel free
> to open a feature request to get the format of the KeyList modified.
>
> -MSK
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> dkim-milter-discuss mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
>
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
dkim-milter-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
