[Mimedefang] recommendations for DKIM signing, and DMARC/DKIM/SPF checks?

David F. Skoll dfs at roaringpenguin.com
Wed Jan 14 17:41:04 EST 2015

On Wed, 14 Jan 2015 17:00:51 -0500
Anne Bennett <anne at encs.concordia.ca> wrote:

> In the meantime, are there any well-known and recommended
> modules that I could add to MIMEDefang to help with this?

Sure.  Mail::DKIM::Signer if you want to DKIM-sign your mail.

Our MIMEDefang filter contains this routine:

use Mail::DKIM::Signer;

sub dkim_sign
        my $dkim = Mail::DKIM::Signer->new(
                Algorithm => "rsa-sha1",
                Method => "relaxed",
                Domain => "roaringpenguin.com",
                Selector => "main",
                KeyFile => "/etc/ssl/private/roaringpenguin.com.dkim.2048.key");

        if (open(TOSIGN, "<INPUTMSG")) {
                while(<TOSIGN>) {
                        # remove local line terminators

                        # use SMTP line terminators
                my $signature = $dkim->signature()->as_string();
                $signature =~ s/^DKIM-Signature:\s+//i;
                action_add_header('DKIM-Signature', $signature);

which we call when appropriate from filter_end.

For DKIM verification, you can either use SpamAssassin or use
Mail::DKIM and validate it yourself in your filter.



More information about the MIMEDefang mailing list