Re: [exim] DKIM and debian buster...

Wed, 08 Jul 2020 13:46:38 -0700 

Mandi! Mike Tubby via Exim-users
  In chel di` si favelave...

>> I'm used, in exim on debian stretch (4.89-2+deb9u7) add something like:
>>
>>       DKIM_CANON = relaxed
>>       DKIM_SELECTOR = 2020
>>       DKIM_DOMAIN = ${lc:${domain:$h_from:}}
>>       DKIM_PRIVATE_KEY = ${if 
>> exists{/etc/exim4/dkim/DKIM_DOMAIN-DKIM_SELECTOR-private.pem}{/etc/exim4/dkim/DKIM_DOMAIN-DKIM_SELECTOR-private.pem}{0}}
>>
>> to enable DKIM for selected 'from' addresses in my servers, using predefined
>> '.ifdef' in predefined debian transports.
> 
> I think you can say:
>     DKIM_SELECTOR = "2020"
>     DKIM_PRIVATE_KEY = /etc/exim4/dkim/DKIM_DOMAIN-DKIM_SELECTOR-private.pem
> and Exim's business logic will get it correct, i.e. if it finds a key it 
> will sign with it otherwise it wont attempt to sign.  The other thing is 
> that your key needs to be readable by whatever UID/GID Exim is running as.

Seems true. Inserting simply:

        DKIM_CANON = relaxed
        DKIM_SELECTOR = 2020
        DKIM_DOMAIN = ${lc:${domain:$h_from:}}
        DKIM_PRIVATE_KEY = /etc/exim4/dkim/DKIM_DOMAIN-DKIM_SELECTOR-private.pem

now DKIM signatures get added, and so filenames are correct, as name and
permission, but now i got in paniclog:

        2020-07-08 00:50:52 1jswQN-0006Ml-18 unable to open file for reading: 
/etc/exim4/dkim/linux.it-2020-private.pem

where clearly 'linux.it' is for every non-local domains (better: for every
domain that doesnt have a DKIM key; i have a mailing list server on that
server, so also: for every user of one mailing lists that does not have a
DMARC strict policy ;).


So, i'm back with my original question. Why a macro:

        DKIM_PRIVATE_KEY = ${if 
exists{/etc/exim4/dkim/DKIM_DOMAIN-DKIM_SELECTOR-private.pem}{/etc/exim4/dkim/DKIM_DOMAIN-DKIM_SELECTOR-private.pem}{0}}

that worked perfectly before stretch, now does not work anymore?

And also:

>> How can i debug trasport?! ;-)


Thanks.

-- 
  Si dice che se fai girare un cd di installazione di Windows al contrario
  nel lettore cd si sentono messaggi satanici. Questo è niente: fallo
  andare nel verso giusto e installa Windows!                   (?)



-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to