Remove headers from Amavis
Miro Igov
miro.igov at pharmya.com
Fri Jan 21 11:06:27 CET 2022
Sounds good. Thank you for the info.
From: amavis-users <amavis-users-bounces+miro.igov=pharmya.com at amavis.org> On Behalf Of Savvas Karagiannidis
Sent: Friday, January 21, 2022 11:43
To: amavis-users at amavis.org
Subject: Re: Remove headers from Amavis
Hello,
You don't really have to remove the already existing DKIM signature headers, just as you do not remove any other headers from the email...
It is normal for a message to have multiple DKIM signature as it hops between servers that sign it.
According to RFC the message will be verified as long as any of the signatures is verified. Signatures that may be invalid are actually ignored in this case.
https://datatracker.ietf.org/doc/html/rfc7489 :
Note that a single email can contain multiple DKIM signatures, and it
is considered to be a DMARC "pass" if any DKIM signature is aligned
and verifies.
It may not be directly relevant to your question, but just clarifying this...
Regards,
Savvas Karagiannidis
On 21/1/2022 10:35, Miro Igov wrote:
I am absolutely sure that amavis is the only process signing emails.
If i disable amavis from signing $enable_dkim_signing = 0; in my /etc/amavis/conf.d/50-user config file i get only the original signature before reaching my mail server.
Imagine user at gmail.com <mailto:user at gmail.com> sends to miro.igov at pharmya.com <mailto:miro.igov at pharmya.com> and miro.igov at pharmya.com <mailto:miro.igov at pharmya.com> is set to forward a copy of the email to user at yahoo.com <mailto:user at yahoo.com>
In yahoo message i can see google dkim signature. I want google dkim stripped because it reports permfail as obviously message is altered in my amavis setup before forwarded to yahoo.
-----Original Message-----
From: TSHIMANGA Minkoka <mailto:tshikose at tshimix.cd> <tshikose at tshimix.cd>
Sent: Friday, January 21, 2022 08:03
To: Miro Igov <mailto:miro.igov at pharmya.com> <miro.igov at pharmya.com>; amavis-users at amavis.org <mailto:amavis-users at amavis.org>
Subject: Re: Remove headers from Amavis
Hello,
You can stop Amavis from DKIM signing emails by setting $enable_dkim_signing = 1; in /etc/amavis/amavis.conf
I think that in your case another process (maybe OpenDKIM) is DKIM signing the email, so you should stop Amavis doing so to avoid double signing.
Regards,
Tshimanga
--
This message has been sent as a part of discussion between PHARMYA and the
addressee whose name is specified above. Should you receive this message by
mistake, we would be most grateful if you informed us that the message has
been sent to you. In this case, we also ask that you delete this message
from your mailbox, and do not forward it or any part of it to anyone else.
Thank you for your cooperation and understanding.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.amavis.org/pipermail/amavis-users/attachments/20220121/41e93bd2/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PharmyaGDPRLogo1.png
Type: image/png
Size: 848 bytes
Desc: not available
URL: <https://lists.amavis.org/pipermail/amavis-users/attachments/20220121/41e93bd2/attachment.png>
More information about the amavis-users
mailing list