Tony Earnshaw wrote: > Alin Năstac skrev, on 13-11-2007 18:07: > > >> For some reason that escapes me, dkim-filter delivers unsigned messages >> which originates from my domain. The relevant part of my configuration is: >> UseSSPDeny Yes >> On-SignatureMissing reject >> > > What configuration? What Sendmail dkim-filter version? What MTA? > I use dkim-milter-2.3.2. My MTA is postfix-2.3.6. This is my dkim-filter.conf, stripped by the comments and empty lines:
BodyLengths Yes
Canonicalization relaxed/simple
Domain domain.com,domain.eu
KeyFile /etc/mail/dkim-filter/selector.private
InternalHosts /etc/mail/dkim-filter/internalhosts
On-BadSignature reject
On-DNSError tempfail
On-InternalError tempfail
On-NoSignature accept
On-SignatureMissing reject
PeerList /etc/mail/dkim-filter/peerlist
Selector selector
SendReports Yes
SignatureAlgorithm rsa-sha256
Socket unix:/var/run/dkim-filter/dkim-filter.sock
SubDomains Yes
Syslog Yes
SyslogSuccess Yes
UserID milter
UseSSPDeny Yes
Statistics /var/run/dkim-filter/dkim-filter.stats
>
>> My SSP DNS record:
>> _ssp._domainkey IN TXT "dkim=strict; handling=deny"
>>
>
> The above DNS record is rubbish.
>
Care to explain? IMO it is in concordance with the record syntax
published in
http://www.ietf.org/internet-drafts/draft-ietf-dkim-ssp-01.txt .
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
