On 6/27/05, Adam Goryachev <[EMAIL PROTECTED]> wrote:
> On Mon, 2005-06-27 at 16:13 +0300, Sorin Pop wrote:
> > Hello
> >
> > I want to know if somebody is interested in helping me make a patch
> > for adding DomainKey support to qmail-scanner. I am asking this since
> > there is a perl library (Mail::DomainKeys) that for the moment (only)
> > checks for a valid DK signature of an incoming mail, but since
> > qmail-scanner can also check outgoing mails, I guess it isn't hard to
> > make it add the domainkey signature.
>
> Yep, I thought about doing this briefly some time ago... but then I
> didn't follow it through. I was wondering if SA would check that
> already, and simply score the email appropriately...
Adding the DK check/sign before SA check will do that (adding the DK
headers for outgoing and checking them on incoming). It will actully
add the DK headers the only problem is that I don't know if SA knows
to handle DK signature (if it actually does something with it, or it
is ignored)
>
> > The only problem that I can think of now, is how to determine if
> > mail is delivered local, or it is delivered remote (to sign it or to
> > check it), since --local-domains isn't good enough. I was thinking of
> > some way to read the domains from rcpthosts and know which domains are
> > local (will check the signature) and which are not (will have to sign
> > them). Also to check if the mail is sent from local to local and sign
> > it, afterwards check it :))))
>
> Perhaps the simplest method is this:
> if ($RC == 1)
> {
> # @domains is a list of the domains for which we have a key
#that's true... every domain that has a signature is a local one :))
> foreach($domain (@domains))
> {
> if ($emailfrom =~ /^$thisdomain$/)
> {
> signemail($email)
> }
> }
> }
>
> This way, we encrypt ALL emails (incoming or outgoing) which have RC set
> (ie, we 'trust' this user) and also claim to be from an domain for which
> we have an appropriate encryption key.
>
> Initially simply checking for a valid key on incoming mail could be
> useful though...
That's the ideea :) (for now at least)
>
> Regards,
> Adam
>
The only problem now is that I don't know where to start :) Since I
have the Mail::DomainKey implementation, but I dono where to integrate
it :))
Will start looking, anyway my best guess is that domainkey (maybe
later SPF) is to be done first, afterwards spam an virus check
Regards,
Sorin
> --
> --
> Adam Goryachev
> Website Managers
> Ph: +61 2 9345 4395 [EMAIL PROTECTED]
> Fax: +61 2 9345 4396 www.websitemanagers.com.au
>
>
>
> -------------------------------------------------------
> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
> from IBM. Find simple to follow Roadmaps, straightforward articles,
> informative Webcasts and more! Get everything you need to get up to
> speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
> _______________________________________________
> Qmail-scanner-general mailing list
> Qmail-scanner-general@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
>
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id�492&op=click
_______________________________________________
Qmail-scanner-general mailing list
Qmail-scanner-general@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
