On 6/14/2011 8:34 AM, Ralf Hildebrandt wrote:
Today I found that some sites behind a PIX/ASA firewall with "smtp
protocol fixup" would not accept DKIM signed mails.
Solution:
=========
master.cf:
nodkim unix - - - - - smtp -o
smtp_header_checks=pcre:/etc/postfix/no_dkim.pcre
main.cf:
transport_maps = cdb:/etc/postfix/transport
and in /etc/postfix/transport:
mrnaz.com nodkim:
/etc/postfix/no_dkim.pcre contains:
/^DKIM-Signature:/ IGNORE
# this strips a DKIM Signature
I think I posted something almost exactly like this a while
ago (year+?). Anyway, I can confirm that I've had this same
problem and came up with the same workaround, still in place.
-- Noel Jones
