Re: opendkim AUTH pass-es for received mail, but fails on forward ...

From: <>
Date: Tue, 10 Apr 2012 14:43:13 -0700


On Tue, Apr 10, 2012, at 09:29 PM, Murray S. Kucherawy wrote:
> > is it opendkim config ( in "policy data"?), zimbra config, screwy
> > process flow, or something else?
> Policy data, in this context, is based on a query to the DNS based on the
> domain name found in the From: field. (See RFC5617.) So two questions
> come to mind:
> 1) Is the From: unchanged between the two deliveries?

the original external -> zimbra delivery has a From: ==

the rule-processed messages in both cases, namely (1) that 'kept' in the
receiving account's inbox, and (2) that forwarded to the the other
zimbra account's inbox, have the SAME From: as each other, and as the
original message.

> 2) What's in the data that each machine

it's just the one machine, hosting the two domains, with opendkim
config'd to do multi-domain signing using a Signing- and Key-tables.

> sees when you take the From:
> domain, prepend "_adsp._domainkey." to it, and issue a TXT query for that
> name? That's what the filter will do to evaluate policy.

on my zimbra server, for the external, sending domain, per your request,

        dig TXT +short
                "v=spf1 ?all"

which is substantially different than for my two hosted domains,

        dig TXT +short
        dig TXT +short

not that i know if that's a concern. i can say that port25verifier
tests tell me it's OK ...
Received on Tue Apr 10 2012 - 21:43:26 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:39 PST