On Wednesday 16 December 2009 16:23:23 LuKreme wrote: > Given the following header: > > DKIM-Signature: v=1; a=rsa-sha1; d=bluehornet.com; s=bluehornet-1.bh; > c=relaxed/simple; q=dns/txt; i...@bluehornet.com; t=1258661618; > h=From:Subject:X-Outgoing:Date; > bh=3HPqQ2/9JeqpKI5xZpBSBX0GumA=; > b=XpEFvxW0dFfl5OlV5dHIU8Ni6rwDsdZc6VtH75m06ssjPZWhQn3RAXGUwzBGQkmj > SxvJflgYzAqWFGJJK2dkcyHClpWtnaADS6+ydLJxo3ZufzKT8Ndz5R1zKnlHyzoI; > From: "Buffets, Inc." <ec...@buffetsinc.com> > > is > whitelist_from_dkim *...@buffetsinc.com bluehornet.com > the correct syntax for whitelisting these emails?
Yes. The *...@buffetsinc.com matches address in From header field, the bluehornet.com matches the 'd' tag in a DKIM or DK signature. > I'm adding address book users into the user_prefs files, but without the > signing domain this is useless and emails for my users are still getting > tagged up as spam (these in particular score 7-10 points without the > whitelist). Is there a better way, or do I just have to go in and find a > DKIM-Signature for each address book entry and then parse out the d= > field? That's pretty much it. Alternative might be to collect DKIM_VALID hits from the log (like amavisd-new log with rules logging turned on and a 'From' included in the log) and match that to your whitelist. Or, considering there are currently not that many signing domains which you might want on a whitelist, just deal with these. Mark