On 26.12.2011 23:09, fakessh @ wrote: > Le lundi 26 décembre 2011 21:36, Stevan Bajić a écrit : >> On 26.12.2011 19:06, fakessh @ wrote: >> >> [...] >> >>> !DSPAM:4ef8b7f7135191441210059! >> Hmm.... this is your error. You modify the body of the message AFTER you >> have signed it with DKIM/DomainKeys. If you really need to add the DSPAM >> signature on outbound messages and you want the message to be valid >> signed with DKIM/DomainKeys then you need to do the signing after you >> have processed the message with DSPAM. >> >> This not DSPAMs fault (*). You are the one doing the error by not >> configuring a proper mail flow. >> >> >> (*) Yeah, yeah. One could argue and say that DSPAM should be >> DKIM/DomainKeys aware and not put the DSPAM signature in the body if the >> mail is digitally signed with DKIM/DomainKeys. > ie I use dkimproxy to sign emails. there is not an option in this case present > to dspam problem So you are telling me that this is a DSPAM problem? You understand that you told DSPAM to inject the DSPAM signature at the end of the body and you made the mail flow as such that first the message is signed by dkimproxy and then later processed by DSPAM. So how is this a DSPAM problem when you are the one breaking DK/DKIM?
It is like making another SMTPD process in Postfix (for example on port 25025) and tell that instance to modify the body of the message (with altermime or other tools) and then you go on and sign the message first with dkimproxy and then you pass that singed message to the other Postfix instance running on port 25025 and after that you claim that Postfix is broken because Postfix broke the signed message. Sorry but it is your setup that is breaking DK/DKIM. You use DSPAM to break the signature but it really does not matter what tool/mechanism you use to break the signature. As soon as you modify the body content of the message AFTER you have signed it with DK/DKIM you are breaking the DK/DKIM signature. I think you don't understand the concept of DK/DKIM else you would not claim that DSPAM is breaking your DK/DKIM signed messages. DSPAM is in this case really the one breaking the signed message but it is YOU telling DSPAM to break it. -- Kind Regards from Switzerland, Stevan Bajić ------------------------------------------------------------------------------ Write once. Port to many. Get the SDK and tools to simplify cross-platform app development. Create new or port existing apps to sell to consumers worldwide. Explore the Intel AppUpSM program developer opportunity. appdeveloper.intel.com/join http://p.sf.net/sfu/intel-appdev _______________________________________________ Dspam-user mailing list Dspam-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspam-user
