DKIM signing

Rick Cooper rcooper at dwford.com
Mon Jun 22 20:34:51 IST 2009 

I am not sure how sendmail does things but I use two instances of exim as
well,
 
    eximIN (check DKIM)----------------->INqueue--> MailScanner(Do MS
Stuff)---->OUTQueue-----> EximOut(Sign DKIM and other out stuff)
 
The only difference between the exim instance is the config(s) the use. I
have no recpt,data,ehlo acls in the outbound and I have no domainkey/DKIM
signing in the inbound
 
Rick

  _____  

From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Alex Neuman
Sent: Monday, June 22, 2009 2:58 PM
To: MailScanner discussion
Subject: Re: DKIM signing


The point I was trying to make is that MailScanner works like this
(oversimplifying, I know, but bear with me):

1. First instance of sendmail grabs e-mail after milters and such, and
deposits in an incoming queue
2. MailScanner grabs, scans, deals with messages in the queue and places
them in the outgoing (final) queue
3. Second instance of sendmail grabs e-mail from outgoing (final) queue and
delivers them to their final destination.

In order to DKIM-sign things it would have to be done using the second
instance. Since MailScanner basically runs the same instance of sendmail
using a command line parameter to distinguish the two, there would have to
be a slight change to the way step 3 is done if you wanted to do it on one
machine. Otherwise step 4 would be to have the outgoing MTA (separate
machine) do the DKIM signing.

Please correct me if I'm looking at this the wrong way.


On Mon, Jun 22, 2009 at 1:42 PM, Rick Cooper <rcooper at dwford.com> wrote:


I don't use sendmail (exim no milters required) but I am sure there is a way
to handle it easily in sendmail. Be advised however that when I first
implemented domainkeys the test server at sendmail.net was the only
domainkeys test server (of 4) to state that my keys were invalid. It does
pass my DKIM keys but still doesn't pass the domainkeys.
 
Rick

  _____  

From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Alex Neuman
Sent: Monday, June 22, 2009 12:02 PM
To: MailScanner discussion
Subject: Re: DKIM signing


Any chance of someone thinking up a way to fire up a third instance of
sendmail on one machine to do something like this?


On Mon, Jun 22, 2009 at 10:38 AM, Rick Cooper <rcooper at dwford.com> wrote:


You don't want to sign dkim or domainkeys until the last thing before the
message is "place on the wire". Any modification made after the signing
with, of course make the signature invalid. This means the outbound MTA has
to be the signing agent.

Rick

-----Original Message-----
From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of ram
Sent: Monday, June 22, 2009 7:15 AM
To: MailScanner discussion
Subject: DKIM signing

Can I use any plugin in MailScanner to DKIM sign outbound mail



--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website!

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website!





-- 
Alex Neuman van der Hans
Reliant Technologies
+507 6781-9505
+507 202-1525
alex at rtpty.com
Skype: alexneuman

-- 
This message has been scanned for viruses and 
dangerous content by  <http://www.mailscanner.info/> MailScanner, and is 
believed to be clean. 

-- 
This message has been scanned for viruses and 
dangerous content by  <http://www.mailscanner.info/> MailScanner, and is 
believed to be clean. 
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website!






-- 
Alex Neuman van der Hans
Reliant Technologies
+507 6781-9505
+507 202-1525
alex at rtpty.com
Skype: alexneuman

-- 
This message has been scanned for viruses and 
dangerous content by  <http://www.mailscanner.info/> MailScanner, and is 
believed to be clean. 

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20090622/ec3eb83a/attachment.html

More information about the MailScanner mailing list