Re: Signing multiple domains via wildcard (fwd)

From: Daniel Black <daniel.subs_at_internode.on.net>
Date: Sat, 29 May 2010 13:05:01 +1000

On Saturday 29 May 2010 03:24:58 Murray S. Kucherawy wrote:
> Kudos to Daniel for suggesting the idea that a Lua script could be invoked
> in place of a database.

thanks. I was hoping it got used for things like this I hadn't even thought
of.

> The configuration would be:
>
> KeyTable lua:/path/to/keytable/script
> SigningTable lua:/path/to/signingtable/script
>
> Note that I have not tried this, but it seems like it'll work, and it
> makes me enormously glad we added Lua support in v2.0.0. :-)
Kudos to Murray :-)
 
> The reason this should get direct support is that Lua invocation is
> reported to be somewhat expensive (though I've not verified this either).
> If this is potentialy a popular feature, we should have support for it
> that doesn't require a Lua script to implement.

FFR - rather than new directives perhaps a pcre map type.

SigningTable pcre:/[^_at_]*@\.(.*)/\1/
KeyTable pcre:#(.*)#selector:\1:/usr/local/etc/dkim/keys/key#

Signing table returns the domain as the key name. Keytable returns the domain
as the signing name with a constant selector and key.

note: pcre is using # in the second instance as separator to avoid too many
escaping on filenames.

Daniel
Received on Sat May 29 2010 - 03:06:29 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:32:52 PST