Re: Signing Table Wildcard?
On Mon, Aug 29, 2011 at 7:32 AM, Todd Lyons <tlyons_at_ivenue.com> wrote:
> On Sun, Aug 28, 2011 at 9:01 PM, Murray S. Kucherawy <msk_at_cloudmark.com> wrote:
>> SigningTable doesn't check for "*_at_example.com". The order is:
>>
>> steve_at_example.com
>> example.com
>
> Maybe add a little bullet proofing and internally drop /^\*\_at_/ leaving
> just the domain, which would then match the second one in the list.
>
>> See the opendkim.conf(5) man page under "SigningTable".
>
> I suppose that would need to be documented, otherwise, it will turn
> into a bug at some point in the future.
Ah - OK, now I know *_at_example.com wasn't working for me when it KNEW
it was for me before. I used the RPM version of OpenDKIM on this new
server (natch), and the default conf file I use didn't have refile: in
the SigningTable option.
On one of my older servers that does have
refile:/etc/opendkim/SigningTable I have the following SigningTable:
*_at_example.com selector._domainkey.example.com
*_at_bounce.example.com selector._domainkey.example.com
*_at_host2.example.com selector._domainkey.example.com
*_at_host3.example.com selector._domainkey.example.com
*_at_example2.com default._domainkey.example2.com
And that signs mail as I expected it to "everyone at THIS
(host.)domain.tld use THAT selector."
Or am I still understanding it incorrectly and just lucking out that
this refile: wildcard approach works? :)
SteveJ
Received on Sun Sep 04 2011 - 21:53:19 PST
This archive was generated by hypermail 2.3.0
: Mon Oct 29 2012 - 23:20:20 PST