On Wed, Jul 04, 2018 at 11:44:00AM +0200, Teno Deuter wrote: > makes sense indeed. > > In that case would be OK if I include that user in the wheel group? I > mean from a security point of view.Any concerns about this? >
why do that ? why not simply change ownership on the key to that of _dkimproxy rather than give that user more privileges ? > Thank you for your help > > On Wed, Jul 4, 2018 at 11:27 AM, Gilles Chehade <[email protected]> wrote: > > On Wed, Jul 04, 2018 at 10:29:51AM +0200, Teno Deuter wrote: > >> indeed. What I'm doing is the following: > >> > >> a system user who is part of the wheel group, launches a neomutt > >> session and sends an email. I thought that this user tries to do the > >> dkim sign but obviously this is wrong! Could it be the '_dkimproxy' > >> user or the '_smtpd' one? > >> > > > > probably _dkimproxy, smtpd doesn't do signing > > > > > >> On Wed, Jul 4, 2018 at 9:03 AM, Gilles Chehade <[email protected]> wrote: > >> > On Wed, Jul 04, 2018 at 01:22:52AM +0200, Teno Deuter wrote: > >> >> I had that before but then I get the following error in the maillog: > >> >> > >> >> dkimproxy.out[71987]: signing error: Error: cannot read > >> >> /var/dkimproxy/default.private: Permission denied > >> >> > >> > > >> > Permission denied may be caused by access to the directory too, i > >> > suspect that > >> > whatever is trying to dkim sign does not have the rights to reach your > >> > key. > >> > > >> > -- > >> > Gilles Chehade > >> > > >> > https://www.poolp.org @poolpOrg > >> > >> -- > >> You received this mail because you are subscribed to [email protected] > >> To unsubscribe, send a mail to: [email protected] > >> > > > > -- > > Gilles Chehade > > > > https://www.poolp.org @poolpOrg -- Gilles Chehade https://www.poolp.org @poolpOrg -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
