On Monday 15 October 2007 12:16, Dave Isaacs wrote:
> Disclaimer: I am a dkim-milter newbie. Heck, I am an e-mail newbie.
>
> I am working with an e-mail encryption gateway that is running with
> Postfix, and wanting to use dkim-milter to sign outgoing messages.
>
> The problem I see is that some e-mail can pass through the Postfix more
> than once. For example, an e-mail might arrive at the gateway, be
> forwarded to a content scanner, which might put back into Postfix again
> where it will be forwarded to the encryption service, end up back in
> Postfix again for final delivery. That's 3 times through Postfix, which
> looks like to me 3 DKIM signatures (of which only the last, post
> encryption, will verify). There is a RemoveOldSignatures setting which
> will avoid there being 3 signatures at the same time, but it is still a
> waste of cycles.
>
> Is there any way to avoid this? Is there a way for dkim-milter to be
> instructed to NOT sign a message, based on a the presence of (or lack
> of) a header value?
Murray already gave you some milter oriented idea. From the Postifx end you
can specify the milter to be called by one smtpd instance identified your
Postfix master.cf (instead of a global setting in main.cf). Something like:
service_name inet n - y - 16 smtpd
... other items
-o milter_default_action=accept
-o milter_macro_daemon_name=SIGNING
-o smtpd_milters=inet:localhost:8891
Scott K
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
dkim-milter-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
