On Thu, Jun 3, 2010 at 11:02 AM, John Jetmore <[email protected]> wrote: > This caught me off guard because I didn't intend to enable DKIM and I > don't reference it anywhere in my config. I don't have an > acl_smtp_dkim defined. Is this the intended behavior? It doesn't > seem to follow the principle of least astonishment.
I read a little further in chapter 54 and I see the relevant comments about verification being turned on by default and how to disable it. I added the following to src/EDITME to get some more coverage: #------------------------------------------------------------------------------ # By default Exim includes code to support DKIM (DomainKeys Identified # Mail, RFC4871) signing and verification. Verification of signatures is # turned on by default. See the spec for information on conditionally # disabling it. To disable the inclusion of the entire feature, set # DISABLE_DKIM to "yes" # DISABLE_DKIM=yes > Last night I got the following in my paniclog on that server: > > 2010-06-03 02:52:36 1OK5EC-0003AM-0q DKIM: Error while running this > message through validation, disabling signature verification. Back to the source of my question, is the above log a big deal? Is it something I need to address? We actually page in response to paniclog entries because the volume of messages is so low and typically are actionable (out of memory, clamd unavailable, etc). I can just whitelist this and move on, just curious if paniclog's the right place for it, or if more info could be added to help understand the problem. Thanks --John -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
