On Tue, Apr 23, 2024 at 7:33 AM <dovecot-requ...@dovecot.org> wrote:
> > I am upgrading to postfix 3.9.0. I have not used DKIM in previous postfix
> > installs, but I
>> would like to start now with the new google rules. I have done some research
>> and opendkim
>> is the most recommended, however, other research states the opendkim has
>> been
>> abandoned by it's maintainers. So I am looking for a good alternative dkim
>> software
>> that will work with postfix that I can compile myself. I do not run on any
>> linux
>> version, so therefore I can not just apt-get a new dkim application.
>> I run Solaris and therefore need to compile my applications, postfix and
>> dkim.
>> Any good suggestions will be appreciated.
I just rolled out a locally compiled opendkim on my mail server. It
works, but there
are a few gotchas.
Although it seems like a moribund project, there is a late beta
version that includes
some important patches, most notably the "Header:\n LongHeaderValue" bug that
needs fixing. You can look at
https://sourceforge.net/p/opendkim/patches/
to find that patch, as well as others you deem important. As DKIM standards
are not going to change soon, having end-of-line software is not as
bad as it seems
unless you need particular enhancements to make it work better in your
circumstances.
Once you get your setup dialed, you can probably set it and forget it.
Most of the headaches have actually been internal: local mail
injection via sendmail
would skip miltering, From header canonicalization by the MTA would not be
seen by the opendkim milter thereby creating messages with missing or invalid
signatures, and mailing list/auto reply/forwarder software mangling messages.
I think Postfix does a better job in this regard, so these issues may
not present itself.
(I did a Postfix/opendkim milter on an Ubuntu system and it was much
less hassle.)
You should look at *lots* of DMARC RUA reports. People are doing crazy batsh*t
stuff with your mail domain.
Joseph Tam <jtam.h...@gmail.com>
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
