[opendkim-dev] Re: FW: [dkim-milter-discuss] authentication not detected. mails not signed

From: SM <sm_at_resistor.net>
Date: Thu, 20 Aug 2009 13:25:48 -0700

Hi Murray,
At 09:24 20-08-2009, Murray S. Kucherawy wrote:
>[repost; I never saw the first version, so sorry if this is a duplicate]

I think that the previous post did not make it because of a DNS issue.

> > -----Original Message-----
> > From: Mike Markley [mailto:mike_at_markley.org]
> > Sent: Wednesday, August 19, 2009 12:47 PM
> > To: dkim-milter-discuss_at_lists.sourceforge.net
> > Subject: Re: [dkim-milter-discuss] authentication not detected, mails
> > not signed
> >
> > [...]
> > 1. The milter-greylist README still suggests overriding
> > Milter.macros.envfrom to read "i, {auth_authen}". If you've done
> > that, then that means dkim-filter is no longer getting the macro
> > *it*
> > needs to check SMTP AUTH ({auth_type}). The default is now
> > "Milter.macros.envfrom=i, {auth_type}, {auth_authen}, {auth_ssf},
> > {auth_author}, {mail_mailer}, {mail_host}, {mail_addr}". That should
> > satisfy both filters.
>
>Maybe this should be something the filter should be able to select
>at runtime, with the default being {auth_type}?

Thinking aloud, this is more of a configuration/documentation issue
than a bug. Whatever macro we pick, there is always a risk that it
is not provided to the milter. The better fix may be to document
what is required for the SMTP AUTH to be detected.

>Perhaps it should work like the Macros setting, where the list of
>macros with possible values can be specified.

That can be done too. In this case, there is an expectation that
opendkim detects whether it is an authenticated connection. Although
it is not optimal, what do you think about testing for auth_authen as well?

Regards,
-sm
Received on Thu Aug 20 2009 - 20:26:35 PST