Re: Having opendkim reject unsigned email from domains with adsp dkim=all

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Murray S. Kucherawy <msk_at_blackops.org>
Date: Fri, 2 Nov 2012 11:45:39 -0700 (PDT)

On Fri, 2 Nov 2012, Benoit Panizzon wrote:
> Now I would except my MX (and all the others) which runs sendmail and
> opendkim milter, to reject this email, becuase my adsp record tells
> everyone out there that I sign all emails.
>
> But this is not what happens. The email is happily accepted and just a header
> added, that the dkim-adsp failed.
>
> Authentication-Results: magma.woody.ch; dkim=none (no signature);
> dkim-adsp=fail (insecure policy)

Your ADSP policy is "all". opendkim will only reject mail if your policy
is "discardable". "all" causes a "fail", but no rejection action.

Give that a try.

-MSK
Received on Fri Nov 02 2012 - 18:45:55 PST

This archive was generated by hypermail 2.3.0 : Fri Nov 02 2012 - 18:54:01 PST