OpenDKIM and MailScanner

David Jones djones at ena.com
Thu Apr 12 12:07:23 UTC 2018 

Setup 2 different OpenDKIM instances and run the checking/header adding one on smtpd_milters and the other signing one on non_smtpd_milters.

Dave

________________________________
From: MailScanner <mailscanner-bounces+djones=ena.com at lists.mailscanner.info> on behalf of Ken Smith <kens at kensnet.org>
Sent: Thursday, April 12, 2018 4:23 AM
To: MailScanner Discussion
Subject: OpenDKIM and MailScanner


Hullo - I'm new to this list but been a MailScanner user for 10+ years.

I have an installation of M'Scanner 5.0.7 on Centos 6 with Sendmail. I'd
like to have all e-mail go out with an appended footer that has company
standard signature / disclaimers etc etc. I'm also using DKIM.

 From what I can see the DKIM signature is generated by the incoming
sendmail instance that receives the message from the MUA, and the result
placed in mqueue.in. MailScanner then does its work including modifying
the message body, because I have "Sign Clean Messages set" and my custom
footer is in inline.sig.* As far as I can tell, MailScanner then invokes
sendmail to actually do the sending.

The catch appears to be that the message body has been modified, footer
added etc,  after the DKIM signature has been calculated and thus the
DKIM checks fail on delivery. :-(

Would it be possible to arrange for the DKIM signature to be calculated
by the outgoing sendmail on the completed message? This might involve
two different .cf files. One without the DKIM milter for the incoming
Sendmail and one with DKIM settings for the outgoing.

Receipt of e-mail, in this instance, is done by another machine. My
suggestion may not work well for verifying DKIM validity on receipt as
the incoming Sendmail instance would be need to be in verify mode for
that one. I guess two OpenDKIM instances could be run. One in verify and
one in send mode.

Would this be easier with Postfix & alterMIME rather than Sendmail?

Thoughts on this suggestion or other ideas???

Many thanks

Ken



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20180412/e5b30bd5/attachment.html>

More information about the MailScanner mailing list