On Friday, 28 September 2018 2:19:10 PM AEST Odhiambo Washington wrote:
> On Wed, 26 Sep 2018 at 08:47, Richard James Salts via Exim-users <[email protected]> wrote:
> > On Tuesday, 25 September 2018 10:28:42 AM AEST Odhiambo Washington via Exim-users wrote:
> > > Hi everyone,
> > > 
> > > I have multiple domains hosted on the same server. They are virtual
> > > domains. The server has just one IP address and one Exim instance.
> > > I am wondering how to easily do DKIM signing for these domains. I
> > > decided to use the same selector for all the domains to make life easy.
> > > Would the following transport work? If not, what is the best way to do
> > > this for multiple domains sharing the same IP address?
> > > 
> > > remote_smtp_DK:
> > >   driver = smtp
> > >   dkim_domain = ${sender_address_domain}
> > >   dkim_selector = csl
> > >   dkim_private_key = "/etc/pki/tls/dk/${sender_address_domain}-dkim.priv.key"
> > >   dkim_canon = relaxed
> > >   dkim_strict = true
> > 
> > I use
> > dkim_domain = ${filter{${map{${addresses:$h_from:}}{${domain:$item}}}}{match_domain{$item}{+local_domains}}}
> > which will match any addresses in a from field that are local, in addition
> > if dkim_domain is a list it will sign with multiple signatures (e.g.
> > From: <user1@local1>, <user2@local2>, <user3@remote> will add dkim
> > signature for local1 and local2 domains).
> 
> Hi Richard
> 
> When I use your dkim_domain option, the mail does not get signed, but mails
> get signed using my option
> 
> dkim_domain = ${if exists{/etc/pki/tls/dk/${lc:$sender_address_domain}-dkim.priv.key}{${lc:$sender_address_domain}}{}}
> #dkim_domain = ${filter{${map{${addresses:$h_from:}}{${domain:$item}}}}{match_domain{$item}{+local_domains}}}
> 
> How can I test your expansion manually?
As Jeremy suggested you can use exim -bem /path/to/message. You probably want
a combination of mine and yours in the expansion, as you're testing on the
existence of a key for a particular domain whereas I'm signing for all domains
considered local with the same key. Maybe instead of the {match_domain ...}
part of the filter you should instead use your
{${if exists{/etc/pki/tls/dk/${lc:$item}-dkim.priv.key}}
or something like that.


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
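
The selection discussed in this thread (take each From: domain, keep only those that have a per-domain key file), modelled in Python as an added example; it is not code from the thread and not Exim's implementation. The key file naming follows the path quoted above; the sample domains, the temporary key directory and the hostname check are assumptions.

```python
import re
import tempfile
from email.utils import getaddresses
from pathlib import Path

# The domain comes from a message header and ends up in a file name, so only
# dotted hostnames made of letters, digits and '-' are accepted (assumption:
# this check is added here; the thread's expansions do not include it).
_DOMAIN_RE = re.compile(
    r"^(?!-)[a-z0-9-]{1,63}(?<!-)(\.(?!-)[a-z0-9-]{1,63}(?<!-))+$"
)


def domains_to_sign(from_header, key_dir):
    """Return the From: domains that have <domain>-dkim.priv.key in key_dir.

    Mirrors map (address -> lower-cased domain) followed by filter
    (key file exists), and drops duplicates so each domain signs once.
    """
    selected = []
    for _name, addr in getaddresses([from_header]):
        domain = addr.rpartition("@")[2].lower()
        if not _DOMAIN_RE.match(domain) or domain in selected:
            continue
        if (Path(key_dir) / f"{domain}-dkim.priv.key").is_file():
            selected.append(domain)
    return selected


def demo():
    # Constructed sample: keys exist for two domains, none for the third.
    with tempfile.TemporaryDirectory() as key_dir:
        for d in ("local1.example", "local2.example"):
            key = Path(key_dir) / f"{d}-dkim.priv.key"
            key.write_text("constructed placeholder, not a real key\n")
        header = ("User One <user1@LOCAL1.example>, user2@local2.example, "
                  "user3@remote.example")
        return domains_to_sign(header, key_dir)


if __name__ == "__main__":
    print(demo())
```
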