I've done some testing with yahoo, and this is what I've found:
.) yahoo to toaster seems to work fine with domain keys. I see yahoo's
signature in the header, and it was accepted ok.
.) toaster directly to yahoo with dk signature works. Message goes into
bulk yahoo folder, I think because toaster is on a dynamic IP address.
.) toaster using smtproutes (I presume with dk is still signing) via
outbound.mailhop.org (a dyndns.org service) works. Message goes into
inbox yahoo folder.
I don't see a way on yahoo to inspect headers, so I'm presuming a little
here. I have a test in progress with cox.net where I'll be able to
inspect headers. I expect it will be ok too.
BL, domainkeys work ok with smtproutes (at least through dyndns's
mailhop). It's still possible that some ISPs *may* screw things up, but
they shouldn't (in theory).
If anyone would care to explain in more detail why this works, or comes
across a case where it doesn't, I'm all ears. I'm guessing that DK
signatures reflect some, but not all header information.
Note, I'm running the current (1.3) toaster on CentOS4.3.
Eric "Shubes" wrote:
Ok, I think I'm getting it.
My understanding is that the DK signature is generated from the header
and the body, so any additions/alterations would invalidate the
signature. So I tend to agree with you.
If that's the case, though, then what DynDNS told me is wrong. I'm
hesitant to question them, as they're pretty sharp with this stuff too.
I'm wondering how this *could* work. Maybe certain (routing related)
header entries aren't included in the signature. That would almost need
to be the case, given server farms and requirements of very large
companies. Otherwise, key (especially private) distribution could be a
nightmare.
Anywise, no sense in speculating. I should be seeing failures in a day
or two if this indeed doesn't work. Stay tuned...
Erik Espinoza wrote:
DomainKeys only works if your server talks directly to the destination
server. If you force all your mail via your isp server using
smtproutes, then their server will add some headers which will in turn
invalidate all your DomainKey signatures.
--
-Eric 'shubes'
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
