On 25/09/2008, at 12:01 AM, Wietse Venema wrote:
James Brown:The flow of my email is: Mail.app -> ASSP -> Postfix -> amavisd-new -> Postfix -> Astaro Gateway -> Internet I think :-)Your mail is modified AFTER the DKIM signature is computed. Therefore, the source of the message not breaking the signature. However, you can use this source to send the same test message repeatedly, and to find out what your email looks like at different points AFTER it is signed. This will reveal what is making the change that breaks the DKIM signature. Wietse
Thanks Wietse.Astaro is doing the DKIM signing, so if I understand you correctly, my mail flow is not as I described it above.
My master.cf ends with: tlsmgr unix - - n 1000? 1 tlsmgr retry unix - - n - - error 10026 inet n - n - - smtpd vacation unix - n n - - pipeflags=DRhu user=autoresp argv=/Library/WebServer/Documents/ postfixadmin/VIRTUAL_VACATION/vacation.pl
amavisd-new unix - - n - 2 smtp
-o smtp_data_done_timeout=1200s
-o smtp_send_xforward_command=yes
-o smtp_tls_note_starttls_offer=no
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o smtpd_restriction_classes=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o
receive_override_options
=no_header_body_checks,no_unknown_recipient_checks,no_milters
-o local_header_rewrite_clients=
-o smtpd_milters=
-o local_recipient_maps=
-o relay_recipient_maps=
I'll have to look into it more tomorrow.
James.
smime.p7s
Description: S/MIME cryptographic signature
