Amavis Signing Incoming Mail

Birta Levente blevi.linux at gmail.com
Mon May 14 11:02:14 CEST 2012


On 12/05/2012 04:16, Stephen Guglielmo wrote:
> Hey,
>
> I have Amavis-new setup with Postfix, ClamAV, and spamassassin. I have
> it verifying and signing emails using dkim.
>
> I noticed that when I send myself an email from an off-server account,
> amavis adds a dkim signature to that email, then maildrop delivers it.
> An example:
>
> This is in the headers of an email sent to my server running
> amavis-new, from a third party email provider.
>
> Authentication-Results: domain.tld (amavisd-new);
>       dkim=pass (1024-bit key) reason="pass (just generated, assumed good)"
>       header.d=domain.tld

This is the result of the source(from) domain(which is domain.tld) DKIM 
signature verification at domain.tld.
So as you can see the from and to domain are the same. It's better to 
test with mails from other domains.




DKIM-Signature: v=1; a=rsa-sha256;
> c=relaxed/simple; d=domain.tld; h=
>       content-transfer-encoding:mime-version:content-language
>       :accept-language:message-id:subject:subject:date:date:from:from
>       :received:received:received:received; s=mail; t=1336784874; x=
>       1336871275; bh=24DdfY1P3gOE62wbCjpxXNsBrPKUqpfZxa5YiPHQpGM=; b=i
>       Ba+mVULBqvphBh+pisdQVIvy2Yw2Wc9t+Z95MhmqtKp6KuMcs+zw7U9wyVkvotIm
>       iK7/9fk4r92MYNpeIZuoBN84tXhdti/OO//pWJBWf2kT4i3OioGQlOhLtsgFVBE2
>       AuvFLRcBrPmYbL/TekAZLBEF8o6JO6fCSZdDsNuSTk=


Maybe your "off-server" sign too with DKIM?



>
> As you can see, it says "just generated, assumed good." I want to sign
> all outgoing mail, but what is the point of signing incoming mail as
> well?

Well, is there a case when I send as authenticated user from outside 
through this server, so I want to be signed my mails.




  Is there a way to prevent this?
>
> Thank you



Levi


More information about the amavis-users mailing list