On Thu, 1 May 2008, Erik Lotspeich wrote:
The side-effect of this configuration is that locally-generated e-mail
destined for a local address (e.g. mail from [EMAIL PROTECTED] destined
to myself [EMAIL PROTECTED]) will be signed twice and never verified:
the MSA/dkim-filter will sign the e-mail and the MTA/dkim-filter will
sign the e-mail.
I would be happy with either of the following solutions:
1. Locally originated/destined mail would never be signed or verified
OR
2. Locally originated/destined mail would be signed and verified
There's already a feature request on SourceForge (1940233) to have a
"don't sign mail addressed to" list. Seems that's a possible solution to
(1).
You could accomplish (2) by running one instance that signs and one that
verifies.
I believe that I can accomplish #1 using the MacroList feature, but it is
not clear to me how to use this feature to accomplish this goal.
You would need to adjust your MTA to create a macro with some specific
value, and to pass that macro to the filter by the end-of-headers phase of
milter, and then configure the filter to look for that value. The
first two are MTA-specific; the latter would look like this in your
filter configuration:
MacroList macroname=value
This would sign the message only of macro "macroname" is set and contains
"value".
Also, the LogWhy parameter in dkim-filter.conf appears to have no effect
on my system. I do not get additional messages when this parameter is
enabled. What syslog log level does this log at (I've enabled them all in
my syslog configuration just in case -- to no avail)? Is there something
special I need to do to use this feature? I do have "Syslog yes" set in
my dkim-filter.conf.
There's a bug in the config file processing. Try the attached patch.
Index: dkim-filter.c
===================================================================
RCS file: /cvs/dkim-filter/dkim-filter.c,v
retrieving revision 1.361
diff -u -r1.361 dkim-filter.c
--- dkim-filter.c 22 Apr 2008 21:49:25 -0000 1.361
+++ dkim-filter.c 1 May 2008 17:08:13 -0000
@@ -1385,8 +1385,8 @@
if (!conf->conf_logwhy)
{
- (void) config_get(data, "LogWhy", &conf->conf_dolog,
- sizeof conf->conf_dolog);
+ (void) config_get(data, "LogWhy", &conf->conf_logwhy,
+ sizeof conf->conf_logwhy);
}
(void) config_get(data, "SyslogSuccess",
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________
dkim-milter-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
