Where you've put it seems like the right place to me. Acme Mail is doing the wrong thing here. It should respect $upasname for this purpose, like marshal does. I think this is just a change to mesgsend in /acme/mail/src/reply.c; unlike marshal, don't overwrite user, but just wrap "fprint(ofd, "From: %s\n", user);" with a check for $upasname being set.
I'm interested in using your DKIM thing, too, so thanks. :-) > On Jan 29, 2018, at 10:58 , Dave MacFarlane <driu...@gmail.com> wrote: > > I started hosting my personal domain's email on 9front and wanted to > sign my outgoing emails with a DKIM, so I wrote something in Go that > reads a message from stdin and writes a DKIM signed version to stdout > (https://github.com/driusan/dkim). > > I was planning on using it in /mail/lib/remotemail by having the final > "exec smtp [...]" replaced by " exec dkimsign [...] | upas/smtp [...]" > and that works with marshal (if I ensure that I add all the headers > that I'm signing manually), but not acme. > > From what I can tell, acme always uses a From line of "From: > localname" (overriding any that you manually specified), and expects > upas/smtp to add in the domain, which is causing the signature to fail > after smtp modifies the signed header. (marshal leaves any headers > that you manually specify unmolested, so the signature is valid as > long as you include a fully qualified From: line while writing the > message.) > > Is there a better place/way to do the signing? Ideally I could sign it > as the last thing it does before going out over the wire, but at the > very least I need to sign it after expanding the addresses. (The > standard says I also need to do the hashing before smtp dot stuffing, > but I can take care of that with a flag on the Go side..) The best I > can think of is some convoluted mix of "upas/smtp -f .domainname | > dkimsign | [some script that undoes most of what upas/smtp -f did ] | > upas/smtp", but I have a feeling I'm just missing some better place to > do the signing from. > > - Dave