-
-
Notifications
You must be signed in to change notification settings - Fork 373
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dkim_signing not signing when NOT from localhost #1768
Comments
DKIM signing module uses some predefined policy (subject to configuration) to determine which mails it should sign/with what domain. It wants to see that authenticated usernames contain the DKIM signing domain- in your case usernames are unqualified so that won't work- you'll want to set |
OK, but I also want to know, what username rspamd saw is, why it is not match. |
allow_username_mismatch = false; If false, messages from authenticated users are not selected for signingCopy by https://rspamd.com/doc/modules/dkim_signing.html#principles-of-operation Why authenticated users are not selected for signing? Thanks. |
Descriptions are above settings:
Rspamd logs know about usernames:
|
Yes, it work now, thank you. |
Classification (Please choose one option):
Reproducibility (Please choose one option):
Rspamd version:
1.6.2
Operation system, CPU, memory and environment:
OpenBSD, Intel 64bit, 8G ram
Description (Please provide a descriptive summary of the issue):
I setup dkim_signing for signing dkim header/mail,
I noticed, it work only when I use webmail (from locahost/127.0.1),
It can not work / do not sign, when I use K9mail (mobile) or thunderbird (desktop),
both are not from (localhost/127.0.0.1),
I enabled debug log for dkim_signing
debug_modules = ["dkim_signing"];
and I saw this on logging, when I use K9mail/thunderbird (This one NOT work)
dkim_signing; dkim_sign_tools.lua:95: use domain(header) for signature: wonghome.net
dkim_signing; dkim_sign_tools.lua:121: couldnt find domain in username
When I use webmail (rspamd signed dkim to header/mail), I saw this (This one WORK)
dkim_signing; dkim_sign_tools.lua:38: mail is from local address
dkim_signing; dkim_sign_tools.lua:95: use domain(header) for signature: wonghome.net
How do I debug / find out, what problem is it?
Please help, thank you.
Compile errors (if any):
Steps to reproduce:
Expected results:
Actual results:
Debugging information (see details here):
Configuration:
my /etc/rspamd/local.d/milter_headers.conf
strict_auth = true;
my /etc/rspamd/local.d/dkim_signing.conf
allow_envfrom_empty = true;
allow_hdrfrom_mismatch = false;
allow_hdrfrom_multiple = false;
allow_username_mismatch = false;
auth_only = true;
path = "/etc/dkim/$domain/$selector.key";
selector = "mail";
sign_local = true;
symbol = "DKIM_SIGNED";
try_fallback = true;
use_domain = "header";
use_esld = true;
use_redis = false;
key_prefix = "DKIM_KEYS";
domain {
wonghome.net {
path = "/etc/dkim/wonghome.net/mail.key";
selector = "mail";
}
}
Additional information:
The text was updated successfully, but these errors were encountered: