[Postfixbuch-users] DKIM auf Submission-Port

Stephan Seitz stse+postfixbuch at fsing.rootsland.net
Mo Jul 5 13:22:24 CEST 2010


On Mon, Jul 05, 2010 at 07:18:44AM +0200, Andreas Schulze wrote:
>Am 02.07.2010 14:49 schrieb Stephan Seitz:
>> ... in den Debug-Meldungen von DKIM-Filter, daß die Mail nicht signiert wird, weil der dynamische
>> Dial-Up-IP-Bereich nicht zur Domän gehört.
>zeige mal die dkim config

Danke für die Hilfe, hier ist sie:

# Log to syslog
Syslog                  yes
# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
UMask                   002
# Sign for example.com with key in /etc/mail/dkim.key using
# selector ‚2007’ (e.g. 2007._domainkey.example.com)
Domain                  fsing.rootsland.net,fsing.rootsland.de
#KeyFile                /etc/mail/mail200801.private
KeyFile         /etc/mail/mail201002.private
Selector                mail201002
# Common settings. See dkim-filter.conf(5) for more information.
#AutoRestart            no
AutoRestart             yes
AutoRestartRate         10/1h
#Background             yes
#Canonicalization       simple
Canonicalization        relaxed/simple
#DNSTimeout             5
#Mode                   sv
Mode                    s
#SignatureAlgorithm     rsa-sha256
#SubDomains             no
#ASPDiscard             no
#Version                rfc4871
#X-Header               no
X-Header                yes
OmitHeaders     
Return-Path,Received,Comments,Keywords,Bcc,Resent-Bcc,DKIM-Signature
###############################################
# Other (less-standard) configuration options #
###############################################
# 
# If enabled, log verification stats here
Statistics              /var/run/dkim-filter/dkim-stats
#
# KeyList is a file containing tuples of key information. Requires
# KeyFile to be unset. Each line of the file should be of the format:
#    sender glob:signing domain:signing key file
# Blank lines and lines beginning with # are ignored. Selector will be
# derived from the key’s filename.
#KeyList                /etc/dkim-keys.conf
#
# If enabled, will generate verification failure reports for any messages
# that fail signature verification. These will be sent to the r= address
# in the policy record, if any.
#SendReports            yes
#
# If enabled, will issue a Sendmail QUARANTINE for any messages that fail
# signature verification, allowing them to be inspected later.
#Quarantine             yes
#
# If enabled, will check for required headers when processing messages.
# At a minimum, that means From: and Date: will be required. Messages not
# containing the required headers will not be signed or verified, but 
# will
# be passed through
RequiredHeaders yes
#LogWhy yes


Shade and sweet water!

	Stephan

-- 
| Stephan Seitz             E-Mail: stse at fsing.rootsland.net |
| PGP Public Keys: http://fsing.rootsland.net/~stse/pgp.html |
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname   : signature.asc
Dateityp    : application/pgp-signature
Dateigröße  : 198 bytes
Beschreibung: Digital signature
URL         : <https://listi.jpberlin.de/pipermail/postfixbuch-users/attachments/20100705/52a3d20f/attachment.asc>


Mehr Informationen über die Mailingliste Postfixbuch-users