I thought of that, but discovered that all smtpd instances will need to sign at least some of the mail passing through. For example, an e-mail relayed from a content scanner *might* be tagged for encryption, in which case it would be forwarded to the encryption service and then sent on its way. Or it *might* no need to be encrypted, and would be sent on its way immediately.
Thanks Dave I -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Martinec Sent: Monday, October 15, 2007 1:38 PM To: [email protected] Subject: Re: [dkim-milter-discuss] Avoiding multiple signatures Dave, > The problem I see is that some e-mail can pass through the Postfix > more than once. For example, an e-mail might arrive at the gateway, be > forwarded to a content scanner, which might put back into Postfix > again where it will be forwarded to the encryption service, end up > back in Postfix again for final delivery. That's 3 times through > Postfix, which looks like to me 3 DKIM signatures (of which only the > last, post encryption, will verify). The cleanest and most efficient way is to not even invoke a signing milter from smtpd instances which do not need it. In your case you should only invoke it as a last stage, after content filtering. 10025 inet n - n - - smtpd -o content_filter= -o smtpd_milters=inet:127.0.0.1:4445 ... and keep a global setting for 'smtpd_milters' empty. Mark ------------------------------------------------------------------------ - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
