Internal and External Hosts

From: Nikolaos Milas <>
Date: Tue, 06 Dec 2011 21:04:34 +0200


We are planning the deployment of DKIM signatures using OpenDKIM on
Centos 5.7. On the same box we have one Outgoing (SMTP) mail server
(Postfix) which serves internal clients (on the LAN) and external
(outside of the organizational LAN) SASL-authenticated clients. We want
to sign mail messages by clients when they send mail using addresses of
the form: *, *,
*, ...

I would like to ask: In order to sign correctly outgoing mail for all
our clients, is it sufficient to declare as InternalHosts? In
other words, the opendkim.conf "InternalHosts" setting applies to mail
clients (local or SASL-authenticated), or in fact only is an
"InternalHost" since only is actually sending mail?

In essence, what exactly is really matched by OpenDKIM against
InternalHosts entries (i.e. what is happening behind the scene)?

So, if:

    ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
    InternalHosts refile:/etc/opendkim/TrustedHosts

then /etc/opendkim/TrustedHosts should be:

or just:


Received on Tue Dec 06 2011 - 19:04:48 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:22 PST