RE: Is it possible to force the d= part in the DKIM-Signature: header?

> -----Original Message-----
> From: opendkim-users-bounce_at_lists.opendkim.org [mailto:opendkim-users-bounce_at_lists.opendkim.org] On Behalf Of Luke
> Sent: Wednesday, June 29, 2011 9:04 AM
> To: opendkim-users_at_lists.opendkim.org
> Subject: Is it possible to force the d= part in the DKIM-Signature: header?
>
> Hi there,
>
> I was wondering if it's possible to always set d=example.com.
>
> I don't know if this is the best solution but I'll briefly explain the
> setup.
>
> We have many different sites on many domains, we aren't using our own
> mail for mailing lists etc, we use a third party provider for that.
>
> But for notification emails (signup, lost password, etc) we use our
> own postfix relay server.
>
> I've recently set this up (before each server was using their own
> default sendmail and of course getting blacklisted on spam sites for
> localhost.localdomain) now everything seems to be working nicely.
>
> As we are acting as our own third party relay server of sorts instead
> of setting up the TXT record for every domain i thought it would be
> nice if we could sign it as the relay server itself.
>
> I can get it to sign if i send from "example.com" but if i send from
> "example.org" it wont sign (but I don't mind if it is signed from a
> different domain)

A copy of your current configuration file(s) would be helpful, but basically the SigningTable and KeyTable together can produce the effect you want. See opendkim/README and the opendkim.conf(5) man page. If you still have questions, you're welcome to follow up here.
Received on Wed Jun 29 2011 - 17:51:08 PST