Results 1 to 4 of 4

Thread: DKIM Signing versus zimbraMtaRelayHost

  1. #1
    EmOperations is offline Junior Member
    Join Date
    Oct 2009
    Posts
    9
    Rep Power
    5

    Default DKIM Signing versus zimbraMtaRelayHost

    For context: we're currently running 6.0.1 Network Edition on CentOS machines (hosted on Amazon EC2 instances).

    To start with, we had successfully enabled outbound DKIM signing by adding the following to ~zimbra/conf/amavisd.conf, then running "zmamavisdctl restart"
    Code:
    $enable_dkim_signing = 1;
    dkim_key('<dkim-domain>', '<dkim-selector>', '<dkim-private-key-filename>');
    @mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8);
    Some time later, we configured Zimbra to relay email through our corporate server using:
    - "zmprov ms $(hostname) zimbraMtaRelayHost $relayserver:$relayport"
    - creation of ~zimbra/conf/relay_config with our values
    - "postmap hash:/opt/zimbra/conf/relay_config"
    - several postconf's to set smtp_* values
    - "postfix reload"

    While this works (email is relayed as expected), outbound emails are no longer being DKIM-signed. We don't want to do DKIM signing on the relay server, either, so I have two questions for the Postfix / Zimbra gurus:

    - Is this incompatibility likely being caused by an ordering of Postfix operations? (That is, is DKIM signing being done 'after' the relayhost procedure?)

    - If so, is there a simple way to reorder these steps, so that mail is signed _before_ being relayed to our corporate server?

    I would greatly appreciate any and all feedback. :-)
    Last edited by EmOperations; 05-13-2010 at 08:56 AM.

  2. #2
    EmOperations is offline Junior Member
    Join Date
    Oct 2009
    Posts
    9
    Rep Power
    5

    Default

    Does anyone know how I can get DKIM signing to happen before the external SMTP relay?

  3. #3
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by EmOperations View Post
    Does anyone know how I can get DKIM signing to happen before the external SMTP relay?
    I use the method with dk-milter (on my CentOS 5.4 server) rather than the one your using and don't seem to have any problems with the DKIM signature and relaying mail through another server. Perhaps that might be a better method than the one you're using?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  4. #4
    EmOperations is offline Junior Member
    Join Date
    Oct 2009
    Posts
    9
    Rep Power
    5

    Default

    Thank you for the pointer, phoenix. I'll look into using a milter approach instead of amavisd ... this looks promising: Index of /oss/dkim-milter

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. spfmilter, Domainkeys and DKIM
    By mohammedking in forum Administrators
    Replies: 1
    Last Post: 09-17-2009, 08:31 PM
  2. DKIM Coming?
    By LMStone in forum Developers
    Replies: 8
    Last Post: 08-21-2009, 04:50 AM
  3. [SOLVED] zimbra does not respect zimbraMtaRelayHost
    By gruad23 in forum Administrators
    Replies: 2
    Last Post: 04-06-2009, 03:15 PM
  4. Signing email with certificate
    By marshall1727 in forum General Questions
    Replies: 1
    Last Post: 04-02-2009, 03:58 PM
  5. Sever based message signing and encryption
    By gjhorne in forum Developers
    Replies: 1
    Last Post: 04-05-2007, 04:26 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •