Saw this message only after I send my previous one. CC and WANTLIB updated.
On 9/17/19 1:03 AM, Stuart Henderson wrote: > On 2019/09/16 20:42, Mikolaj Kucharski wrote: >> Hi, >> >> On Thu, Sep 12, 2019 at 09:08:31AM +0200, Martijn van Duren wrote: >>> Ping >>> >>> Doesn't anyone want to replace dkimproxy with something that integrates >>> a little better? > > that's not a good incentive, i never used dkimproxy :) (amavisd used to do > that for me, but I switched to rspamd's signing a couple of years ago and > haven't had any interest in looking for alternatives yet). s/dkimproxy/amavisd/g, I want something that integrates better with smtpd. :-) Other advantages: it's a minimal implementation that's pledged and can run under a dedicated user for your dkim key. > >> I used this port and it worked for me. Initially I could not get >> DKIM pass with GMail, but with -c relaxed/relaxed Google is now >> happy. > > it's probably worth figuring out what's going on without that setting, but > generally relaxed/relaxed is recommended anyway Absolutely, and should be fixed. > > https://wordtothewise.com/2016/12/dkim-canonicalization-or-why-microsoft-breaks-your-mail/ > https://wordtothewise.com/2018/07/minimal-dmarc/ That entirely depends on your usecase and who you ask. The official RFC recommendation is: simple/simple: RFC6376 section 3.5 "c=". Hence this is the default for filter-dkimsign. If someone messes with my mail the recipient should be aware, even if it's not too intrusive.
dkimsign.tar.gz
Description: application/gzip
