Incoming mail with faked sender domain is being DKIM signed

Ralf Hildebrandt Ralf.Hildebrandt at charite.de
Sat Nov 25 14:16:16 CET 2017


* Robert Schetterer <rs at sys4.de>:
> Am 24.11.2017 um 17:16 schrieb Ralf Hildebrandt:
> > * Ralf Hildebrandt <Ralf.Hildebrandt at charite.de>:
> >> Incoming mail with faked sender domain is being DKIM signed
> >> (config attached)
> > 
> > I was testing this with 2.11.0 - went back to 2.10.1 and the expected
> > behaviour was restored ( mail from !MYNETS is not being DKIM signed).
> > 
> > So what has changed?
> > 
> 
> just a try....search for dkim
> 
> https://www.ijs.si/software/amavisd/release-notes.txt
> 
> 
> - Policy bank names in a @client_ipaddr_policy setting can now accept
>   a comma-separated list of policy names to be loaded on a match
>   (for loading of policy banks based on an IP address of a SMTP client).
>   Whitespace around each policy name is allowed and is stripped.
>   Previously only a single policy bank name was allowed in each entry
>   of @client_ipaddr_policy.
> 
>   This makes it consistent with loading of policy banks based on a
>   DKIM-based setting @author_to_policy_bank_maps, and on virus checker
>   results via the @virus_name_to_policy_bank_maps setting.

I don't think it's relevant. I can't assign a @client_ipaddr_policy,
the client could come from anywhere...

-- 
Ralf Hildebrandt                   Charite Universitätsmedizin Berlin
ralf.hildebrandt at charite.de        Campus Benjamin Franklin
https://www.charite.de             Hindenburgdamm 30, 12203 Berlin
Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155


More information about the amavis-users mailing list