--On Wednesday, October 10, 2012 3:01 PM -0700 Quanah Gibson-Mount
<quanah_at_zimbra.com> wrote:
>> Ok, cool. Even simpler. :) I'll give it a shot. ;)
>
> Ok, that perfectly handles the case when Amavis is enabled.
Unfortunately, this solution is not acceptable either. This is because if
it is set up this way, messages get signed *after* Amavis verifies them.
According to Wietse, there is *no* solution that will correctly do:
OpenDKIM signing
Amavis
with OpenDKIM as anything but a milter that is run before everything else,
thus triggering the problem of not being able to queue email:
------------------------------------------------------------------------
There is, and there will not be, a queue between the Postfix SMTP
server protocol engine and the Postfix Milter client protocol engine,
where email messages wait until a broken Milter server comes back.
Not in Postfix, not in Sendmail, not in other MTAs. The Milter
protocol is designed for before-queue agents, so that they can
inspect the SMTP command stream as it happens.
------------------------------------------------------------------------
Thus, the only solution is to dump OpenDKIM and use Amavis for signing, or
for OpenDKIM to implement an agent like Amavis does so it does not have to
be used as a milter.
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
Received on Mon Oct 22 2012 - 23:30:59 PST