Exim 4.71 不会将 DKIM 签名添加到外发电子邮件中

Exim 4.71 不会将 DKIM 签名添加到外发电子邮件中

我正在尝试将 DKIM 添加到我的域,我已经创建了一个密钥,并将以下内容添加到/etc/exim4/conf.d/transport/30_exim4_config_remote_smtp

dkim_domain = mydomain.com
dkim_selector = mail1
dkim_private_key = /etc/exim4/dkim.key

重新启动exim服务,尝试过dpkg-reconfigure,但所有电子邮件均未签名就发送。/var/log/exim4/panic.log为空。没有错误或任何内容。

我做错了什么?Ubuntu 10.04 LTS

### transport/30_exim4-config_remote_smtp
#################################
# This transport is used for delivering messages over SMTP connections.

remote_smtp:
  debug_print = "T: remote_smtp for $local_part@$domain"
  driver = smtp
.ifdef REMOTE_SMTP_HOSTS_AVOID_TLS
  hosts_avoid_tls = REMOTE_SMTP_HOSTS_AVOID_TLS
.endif
.ifdef REMOTE_SMTP_HEADERS_REWRITE
  headers_rewrite = REMOTE_SMTP_HEADERS_REWRITE
.endif
.ifdef REMOTE_SMTP_RETURN_PATH
  return_path = REMOTE_SMTP_RETURN_PATH
.endif
.ifdef REMOTE_SMTP_HELO_DATA
  helo_data=REMOTE_SMTP_HELO_DATA
.endif

dkim_domain = mydomain.com
dkim_selector = mail1
dkim_private_key = /etc/exim4/dkim.key

.ifdef DKIM_CANON
dkim_canon = DKIM_CANON
.endif
.ifdef DKIM_STRICT
dkim_strict = DKIM_STRICT
.endif
.ifdef DKIM_SIGN_HEADERS
dkim_sign_headers = DKIM_SIGN_HEADERS
.endif

电子邮件的日志行:

2013-03-21 20:25:14 1UIfUY-0008Tz-1g <= [email protected] U=nick P=local S=365
2013-03-21 20:25:16 1UIfUY-0008Tz-1g => [email protected] R=dnslookup T=remote_smtp H=ASPMX.L.GOOGLE.com [173.194.79.26] X=TLS1.0:RSA_ARCFOUR_SHA1:16 DN="C=US,ST=California,L=Mountain View,O=Google Inc,CN=mx.google.com"
2013-03-21 20:25:16 1UIfUY-0008Tz-1g Completed

答案1

我正在使用智能主机,并且具有以下配置:

/etc/exim4/conf.d/main/00_local_macros:

DKIM_CANON = relaxed
DKIM_SELECTOR = 12345
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /etc/exim4/keys/${dkim_domain}/12345.private
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}

然后在 /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp_smarthost 中:

.ifdef DKIM_DOMAIN
dkim_domain = DKIM_DOMAIN
.endif
.ifdef DKIM_SELECTOR
dkim_selector = DKIM_SELECTOR
.endif
.ifdef DKIM_PRIVATE_KEY
dkim_private_key = DKIM_PRIVATE_KEY
.endif
.ifdef DKIM_CANON
dkim_canon = DKIM_CANON
.endif
.ifdef DKIM_STRICT
dkim_strict = DKIM_STRICT
.endif
.ifdef DKIM_SIGN_HEADERS
dkim_sign_headers = DKIM_SIGN_HEADERS
.endif

答案2

我不是进出口专家,但我找到的指南引用了一个宏表,

/etc/exim4/conf.d/main/00_local_macros

并且您的配置引用了 ifdef DKIM_CANON。

尝试删除 if 语句或添加宏表。

SHA1 较弱,但仍然如此。DKIM-signing_outgoing_mail_with_exim4

相关内容