Re: opendkim AUTH pass-es for received mail, but fails on forward ...
hi,
On Tue, Apr 10, 2012, at 09:29 PM, Murray S. Kucherawy wrote:
> > is it opendkim config ( in "policy data"?), zimbra config, screwy
> > process flow, or something else?
>
> Policy data, in this context, is based on a query to the DNS based on the
> domain name found in the From: field. (See RFC5617.) So two questions
> come to mind:
>
> 1) Is the From: unchanged between the two deliveries?
the original external -> zimbra delivery has a From: ==
"###_at_fastmail.fm".
the rule-processed messages in both cases, namely (1) that 'kept' in the
receiving account's inbox, and (2) that forwarded to the the other
zimbra account's inbox, have the SAME From: as each other, and as the
original message.
> 2) What's in the data that each machine
it's just the one machine, hosting the two domains, with opendkim
config'd to do multi-domain signing using a Signing- and Key-tables.
> sees when you take the From:
> domain, prepend "_adsp._domainkey." to it, and issue a TXT query for that
> name? That's what the filter will do to evaluate policy.
on my zimbra server, for the external, sending domain, per your request,
dig TXT _adsp._domainkey.fastmail.fm +short
"v=spf1 include:spf.messagingengine.com ?all"
which is substantially different than for my two hosted domains,
dig TXT _adsp._domainkey.doma.locusetest.net +short
"dkim=all"
dig TXT _adsp._domainkey.domb.locusetest.net +short
"dkim=all"
not that i know if that's a concern. i can say that port25verifier
tests tell me it's OK ...
Received on Tue Apr 10 2012 - 21:43:26 PST
This archive was generated by hypermail 2.3.0
: Mon Oct 29 2012 - 23:20:39 PST