Dave,
> The problem I see is that some e-mail can pass through the Postfix more
> than once. For example, an e-mail might arrive at the gateway, be
> forwarded to a content scanner, which might put back into Postfix again
> where it will be forwarded to the encryption service, end up back in
> Postfix again for final delivery. That's 3 times through Postfix, which
> looks like to me 3 DKIM signatures (of which only the last, post
> encryption, will verify).
The cleanest and most efficient way is to not even invoke a signing milter
from smtpd instances which do not need it. In your case you should only
invoke it as a last stage, after content filtering.
10025 inet n - n - - smtpd
-o content_filter=
-o smtpd_milters=inet:127.0.0.1:4445
...
and keep a global setting for 'smtpd_milters' empty.
Mark
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
dkim-milter-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
