Filed bug:
https://bugs.exim.org/show_bug.cgi?id=2236
Torsten
On 2/8/18 10:27 AM, Jeremy Harris wrote:
On 08/02/18 07:03, Torsten Tributh via Exim-users wrote:
Postmasters might be interested in the newly issued RFC:
https://www.rfc-editor.org/rfc/rfc8301.txt
To start following this RFC with
Section 3.1. Signing and Verification Algorithms
I started using the sample from:
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-support_for_dkim_domainkeys_identified_mail.html
In my config now:
dmarc_history_file = /somewhere/dmarc_history.txt
warn condition = ${if eq {$dkim_algo}{rsa-sha1}}
condition = ${if eq {$dkim_verify_status}{pass}}
logwrite = NOTE: forcing dkim verify fail (was pass)
set dkim_verify_status = fail
set dkim_verify_reason = hash too weak
I guessed that after changing the dkim_verify_status the DMARC status
will also change and that later in the dmarc_history_file
will be some DKIM failed informations.
I assume you've observed a sample resulting in that log line?
I would like to use the change of DKIM to fail and inform postmasters
about that with the generated DMARC reports, but i can't find any fail
in there.
I've not tried running the (experimental) DMARC code. Nobody ever cared
enough to create testcases in the testsuite, either...
If you can put together an example that fails, it would be helpful to
open a bug with it. At least it'll be documented then.
--
Torsten
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
