Re: SMTP server mode

From: Quanah Gibson-Mount <>
Date: Mon, 22 Oct 2012 22:01:24 -0700

--On Monday, October 22, 2012 9:42 PM -0700 "Murray S. Kucherawy"
<> wrote:

> On Mon, 22 Oct 2012, Quanah Gibson-Mount wrote:
>> Unfortunately, this solution is not acceptable either. This is because
>> if it is set up this way, messages get signed *after* Amavis verifies
>> them.
> Why is that bad?

Because Amavis uses the verification for scoring. This problem only really
arises in mail between two users on the same server -- Amavis is only
called once, so the verification happens before the signing. So you get
mail from user "x" which hasn't been verified, which people may notice.

>> Thus, the only solution is to dump OpenDKIM and use Amavis for signing,
>> or for OpenDKIM to implement an agent like Amavis does so it does not
>> have to be used as a milter.
> Short of someone contributing his or her own time and energy to do make
> this change, it's not going to happen in the short term. It's a very
> large change and will take time to plan and test before it can be
> released.

Further follow up with Wietse seems to imply I can get this done, so I'll
follow up once I have it all working.


Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra ::  the leader in open source messaging and collaboration
Received on Tue Oct 23 2012 - 05:01:44 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:44 PST