[pmg-devel] applied: [PATCH pmg-api] Don't add DKIM signature without domain

Thomas Lamprecht t.lamprecht at proxmox.com
Fri Nov 22 12:35:37 CET 2019


On 11/22/19 10:40 AM, Stoiko Ivanov wrote:
> When the DKIMSign module fails to determine the domain for signing
> (the one added to the header and used for retrieving the publickey record)
> the code logs that no signing will take place, but only does not set the
> domain - resulting in a generated and added signature with domain 'example.com'
> 
> Fixed by returning the success-status from signing_domain and only signing if
> it was successful.
> 
> Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
> ---
> Sorry for catching this so late!
> I think we can ship a fixed version after the upcoming 6.1 release, since it's
> a small inconvenience in a new feature:
> * DKIM works if configured correctly
> * if the configuration exposes the issue the mail will get signed with a broken
>   signature, instead of not getting signed - AFAIR SpamAssassin will assign a
>   score of 0.1 to such mails
> 

applied, thanks!



More information about the pmg-devel mailing list