Evgeniy Berdnikov via Exim-users <[email protected]> writes: > On Thu, Oct 14, 2021 at 05:50:23PM +0300, Odhiambo Washington via Exim-users > wrote: >> On Thu, Oct 14, 2021 at 4:25 PM Evgeniy Berdnikov via Exim-users < >> [email protected]> wrote: >> > | dkim_selector Use: smtp Type: string list†Default: >> > unset >> > | >> > | This sets the key selector string. After expansion, which can use >> > | $dkim_domain, this can be a list. Each element in turn is put in the >> > | expansion variable $dkim_selector which may be used in the >> > | dkim_private_key option along with $dkim_domain. >> > >> > Does the assignment dkim_selector="key1:key2" work? >> > >> >> I don't think that would work, because I have to then match a selector to a >> key. > > The last sentense in the cited paragraph explains how this match works. > Read it again carefully. Description of dkim_private_key repeats it: > > | dkim_private_key Use: smtp Type: string†Default: unset > | > | This sets the private key to use. You can use the $dkim_domain and > | $dkim_selector expansion variables to determine the private key to use.
Indeed, but getting it to work took a while for me too. I'm now using
the following (Debian-esque config but you should see how it works):
DKIM_CANON = relaxed
DKIM_SELECTOR = ed2110 : rsa2110
DKIM_DOMAIN = ${sender_address_domain}
DKIM_PRIVATE_KEY = ${lookup {${sender_address_domain}} \
dsearch,ret=full {/etc/exim4/dkim} \
{$value/privkey-$dkim_selector.pem} {false}}
DKIM_TIMESTAMPS = 1209600
/Simon
signature.asc
Description: PGP signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
