(Since you installed OpenDKIM instead, I'll Cc: that list and we should move
this discussion over there.)
There are rewrite rules in the sendmail configuration that change the From:
field (features called "masquerade" and "genericstable"). That's why it
appears to be delivered with the From: field you expect. The problem is that
those changes are made only after the filter has seen them, which is why you
have to tell opendkim to sign for "localhost.localdomain" because that's what
the filter sees.
In fact, you might want to check that the signatures are being validated,
because they probably are failing since the data are essentially being changed
in transit.
You will probably need either the "replace rules" feature to deal with this, or
you'll need to arrange that your mail is generated with the final domain name
in there and not "localhost.localdomain" to get it verifying properly.
From: Willem Kossen [mailto:[email protected]]
Sent: Monday, August 08, 2011 5:16 AM
To: dkim-milter general discussion
Subject: Re: [dkim-milter-discuss] sendmail non-smtpd possible?
Ah, I think i figured it out...
what happens in many cases is that mail originates from
[email protected]. I didn't tell opendkim to sign mail from that
domain. Still the mail ends up as @wkossen.nl<http://wkossen.nl> in the
recipients mailbox, but sendmail didn't know that at the time the mail was
delivered to it. during input, it was localhost.localdomain. therefor no
signing. Now I told opendkim in the config file that the domain
localhost.localdomain should be signed and it worked.
and squirrelmail delivered mail as user@localhost (no localdomain) I added that
domain too. this is far from ideal, a bit of a hack, but I guess it works.
thanks for the help
On Sat, Aug 6, 2011 at 9:27 AM, Murray S. Kucherawy
<[email protected]<mailto:[email protected]>> wrote:
First, as Rolf said, you should switch to opendkim. This package has been
unmaintained for over two years.
I just tried it with sendmail 8.14.4 and opendkim 2.4.2 (just released!), and
it signed a message I sent using the sendmail shell interface rather than SMTP.
Since that means sendmail does provide milter service to mail that's piped in,
you should be able to get dkim-milter to do it too unless there was a bug in it
in this regard.
You can always use LogWhy to track down why your mail isn't being signed. It
might have something to do with a domain name mismatch in the mail you're
feeding.
Good luck,
-MSK
From: Willem Kossen [mailto:[email protected]<mailto:[email protected]>]
Sent: Friday, August 05, 2011 5:57 AM
To:
[email protected]<mailto:[email protected]>
Subject: [dkim-milter-discuss] sendmail non-smtpd possible?
Hi there,
I have succesfully implemented dkim signing in my mailserver, but it only works
when mail is delivered to it via smtp. A lot of mail however comes in via
sendmail executable for instance because of websites, webmail or applications
sending out notices. I want that mail to be signed as well. Is it possible at
all (like in postfix non-smtpd filters) or in any other way? in fact, i would
like all outgoing mail to be signed.
Thanks
--
------------
Willem Kossen
------------------------------------------------------------------------------
BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA
The must-attend event for mobile developers. Connect with experts.
Get tools for creating Super Apps. See the latest technologies.
Sessions, hands-on labs, demos & much more. Register early & save!
http://p.sf.net/sfu/rim-blackberry-1
_______________________________________________
dkim-milter-discuss mailing list
[email protected]<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
--
------------
Willem Kossen
[email protected]<mailto:[email protected]>
------------------------------------------------------------------------------
BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA
The must-attend event for mobile developers. Connect with experts.
Get tools for creating Super Apps. See the latest technologies.
Sessions, hands-on labs, demos & much more. Register early & save!
http://p.sf.net/sfu/rim-blackberry-1
_______________________________________________
dkim-milter-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
