On 5/23/22 13:51, post...@ptld.com wrote:
Rejects a command is if something in that milter returns a reject response code like 4xx or 5xx. If dkim runs first before dmarc, and dkim issues a 5xx reject causing the email to be rejected by postfix, then that's it, ...
Yes, of course. That's not the interesting bit. Hmm - possibly I do not understand exactly how a milter responds to Postfix. Does a milter only "return a response code"? My understanding has been that a milter can also *modify* a mail message, including both the message body and the message headers. And then, what version of a mail message will a subsequent milter "see" after a preceding milter has acted upon the mail message? And then, a DKIM milter is, perhaps, unusual, in the sense that it may either - or both? - "sign" a mail message, and also "verify" a mail message. What happens to a mail message passing through a sequence of two DKIM milters, neither of which "rejects" the message - or rather, does a second DKIM milter process a mail message "as modified" by a preceding DKIM milter? Or, does each DKIM milter *always* issue some kind of "accept" or "reject" response code, regardless of whether it is "signing" or "verifying"? What I'm wondering is, is it possible - or even reasonable - to have OpenDKIM "sign" outgoing messages, and have Rspand "verify" incoming messages? Or, that's not going to work? James
