Re: opendkim-genkey and "r=" tag

From: Giovanni Bajo <rasky_at_develer.com>
Date: Mon, 29 Aug 2011 23:18:01 +0200

Il giorno 29/ago/2011, alle ore 21:16, Murray S. Kucherawy ha scritto:
>> -----Original Message-----
>> From: Giovanni Bajo [mailto:rasky_at_develer.com]
>> Sent: Monday, August 29, 2011 5:07 AM
>> To: Murray S. Kucherawy
>> Cc: opendkim-users_at_lists.opendkim.org
>> Subject: Re: opendkim-genkey and "r=" tag
>>
>> My own server works with "SenderHeaders Sender,From" since we use
>> Mailman which always added the Sender headers (or at least, we
>> configured it this way).
>>
>> I was just trying to suggest a solution for a configuration that would
>> make opendkim sign mails generated by (most) mailing-lists by default.
>> Since half of the time we spent on configuring opendkim was on finding
>> out how to make it work with Mailman, I thought this could be helpful
>> for everybody else.
>
> In that case, maybe what would help is a section in opendkim/README with recommended settings for use with Mailman. Would you be willing to write such text, based on what you found to work, for the next release?

Sure, I'll send the patch soon.

> The SenderHeaders setting is what the filter uses to determine whether or not a message gets signed. It's therefore not possible to split it as you suggested, because your split presumes that decision has already been made while it's actually the basis for the decision.


You could first check SigningSenderHeaders (default: List-Post,From). In case there's no match in the signing table, you decide there's nothing to sign, and go checking for VerifyingSenderHeaders (default: From,To) to verify existing signatures. Would that work?
-- 
Giovanni Bajo   ::  rasky_at_develer.com
Develer S.r.l.  ::  http://www.develer.com
My Blog: http://giovanni.bajo.it



Received on Mon Aug 29 2011 - 21:18:10 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:19 PST