On 9/28/06, Henrik Ostergaard <[EMAIL PROTECTED]> wrote:
> This sounds promising! But I have distributed, moving users and therefore use pop-before-smtp for authentication, which means that my IP list is in a hash table, which is not in CIDR format. :-(
Your best choice is to set up SASL authentication. I don't think these milters will play nice with pop-before-smtp. At best you would have to restart the milter every time someone checked their mail.
> I came to think of something else - the approach described in the original post suggests all mails are verified, but only authenticated mails are signed.
No, the program chooses which to do based on parameters already discussed. Authorized clients get signed, all others get verified.
> It could probably rather easily be changed to sending the non-locally submitted mails through the verification AFTER the content filter. I.e. in master.cf moving the lines
>
>   -o milter_default_action=accept
>   -o milter_macro_daemon_name=MTA
>   -o smtpd_milters=inet:127.0.0.1:4442,inet:127.0.0.1:4443
>
> from the section
>
>   smtp inet n - - - - smtpd
>
> to the section
>
>   localhost:10025 inet n - n - 10 smtpd
This loses the client information, and thinks localhost submitted all the mail. Mail with forged sender address (or from a mail list) would be signed.
> Will this approach break the signatures if (when) the content filter (amavis) adds headers?
Amavisd-new adds the headers on top so as to not break signatures. Also using the -H option when signing tells dk-filter which headers to use when verifying. But you shouldn't sign mail after the content_filter, mail should only be signed at the point it first enters your network. This is way off topic for this list, post any followup questions to the amavis-users or postfix-users list.

-- 
Noel Jones
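For reference, a master.cf layout that keeps the milters on the listeners where the client address is still known (inbound smtp and an authenticated submission port) and runs none on the amavisd-new re-injection port, so mail is signed only where it first enters the network. This is an added example, not a configuration from the thread: the milter ports 4442/4443 and the 10025 re-injection service come from the quoted text, while the submission service, its SASL settings and the smtp-amavis transport (assumed to be defined elsewhere in master.cf) are assumptions.

```text
# master.cf (added example): milters stay on the listeners that see the
# real client; the re-injection port runs without them.
# 4442/4443 and localhost:10025 are from the thread; the "submission"
# service, SASL settings and smtp-amavis transport are assumptions.

# Inbound from the Internet: the milter sees the real client address and
# verifies mail from unknown hosts (signing only for its listed internal hosts).
smtp      inet  n       -       n       -       -       smtpd
  -o smtpd_milters=inet:127.0.0.1:4442,inet:127.0.0.1:4443
  -o milter_default_action=accept
  -o milter_macro_daemon_name=MTA
  -o content_filter=smtp-amavis:[127.0.0.1]:10024

# Port 587 for roaming users: SASL replaces pop-before-smtp, so the decision
# to sign rests on a successful login rather than on a changing client IP.
submission inet n       -       n       -       -       smtpd
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o smtpd_milters=inet:127.0.0.1:4442,inet:127.0.0.1:4443
  -o milter_default_action=accept
  -o milter_macro_daemon_name=MTA
  -o content_filter=smtp-amavis:[127.0.0.1]:10024

# Re-injection from amavisd-new: every message arrives from 127.0.0.1 here,
# so milters on this port would treat forged or list mail as local and sign it.
# smtpd_milters and content_filter are cleared (no signing, no filter loop).
localhost:10025 inet n  -       n       -       10      smtpd
  -o smtpd_milters=
  -o content_filter=
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
```

Any header-based milter settings (such as the -H option mentioned above) then apply on the smtp and submission services only, before the content filter touches the message.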