Re: how to setup opendkim for signing all outgoing mails
Hi Matthias,
At 02:16 08-05-2012, Matthias Weiss wrote:
>We are running a website that also has a blogging feature. A reader can
>contact the author via a webform where he/she can enter his/her
>email address,
>specify a subject and write a message body. When they click on the "send"
>button the website generates an email and sends it via the postfix MTA.
>
>So we have the situation where the generated emails have different "From"
>entries, always the same envelope "MAIL FROM" and always the same "Sender"
>address entry. We also want to sign *all* of our mails with opendkim.
You could use the IdentityHeader setting.
>The problem is - I haven't found a configuration setup with opendkim that
>allowes us to sign all mails with the key of our domain when the "From"
>address is not from our domain.
>A solution is using the "SenderHeaders csl:Sender"
>configuration but I'm
>little bit concerned that if we have an error in our website
>configuration and
>the "Sender" field isn't set than we're sending unsigned emails.
SenderHeaders is used for DKIM verification
>Can anyone suggest a solution where all of our mails are always signed with
>our domain key?
If there is an error in your website configuration, you could enforce
policy checks to prevent such messages from being sent out. You can
also use a wildcard to sign everything. That should match any domain
in the "From:" header field.
Regards,
-sm
Received on Tue May 08 2012 - 10:00:57 PST
This archive was generated by hypermail 2.3.0
: Mon Oct 29 2012 - 23:20:40 PST