[Mimedefang] recommendations for DKIM signing, and DMARC/DKIM/SPF checks?
David F. Skoll
dfs at roaringpenguin.com
Wed Jan 14 17:41:04 EST 2015
On Wed, 14 Jan 2015 17:00:51 -0500
Anne Bennett <anne at encs.concordia.ca> wrote:
> In the meantime, are there any well-known and recommended
> modules that I could add to MIMEDefang to help with this?
Sure. Mail::DKIM::Signer if you want to DKIM-sign your mail.
Our MIMEDefang filter contains this routine:
use Mail::DKIM::Signer;
sub dkim_sign
{
my $dkim = Mail::DKIM::Signer->new(
Algorithm => "rsa-sha1",
Method => "relaxed",
Domain => "roaringpenguin.com",
Selector => "main",
KeyFile => "/etc/ssl/private/roaringpenguin.com.dkim.2048.key");
if (open(TOSIGN, "<INPUTMSG")) {
while(<TOSIGN>) {
# remove local line terminators
chomp;
s/\015$//;
# use SMTP line terminators
$dkim->PRINT("$_\015\012");
}
close(TOSIGN);
$dkim->CLOSE();
my $signature = $dkim->signature()->as_string();
$signature =~ s/^DKIM-Signature:\s+//i;
action_add_header('DKIM-Signature', $signature);
}
}
which we call when appropriate from filter_end.
For DKIM verification, you can either use SpamAssassin or use
Mail::DKIM and validate it yourself in your filter.
Regards,
David.
More information about the MIMEDefang
mailing list