Bug#941804: exim4: remote_smtp_smarthost transport does not set DKIM variables
Larry Doolittle
larry at doolittle.boa.org
Mon Oct 16 18:53:17 BST 2023
Andreas -
On Mon, Oct 16, 2023 at 07:13:28PM +0200, Andreas Metzler wrote:
> > severity 941804 normal
> > This exim4 bug has taken on increased importance now that gmail requires DKIM
> > on all (?) incoming messages.
>
> I do not follow:
>
> The smarthost transport is typically used by a machine without
> permanent internet connection to deliver *to* a smarthost. This
> smarthost the does the real delivery using M lookups et al.
Basically right. I'd say "permanent and unimpeded Internet connection".
See below.
> google cares about the DKIM signature of the latter (the real mailserver).
Someone has to add the DKIM signature, tied to the sender address.
Google doesn't care where in the relaying chain it got added.
> OTOH if you want to use google as smarthost you need to use SMTP AUTH
> instead of adding a DKIM signature on your personal PC/laptop.
My use case is being stuck behind an ISP's firewall,
so the smarthost is supplied by the ISP. When the ISP
delivers the mail to gmail, google needs some indication
that the mail I sent is really from me. That's where DKIM comes in.
I _am_ me, so I can make my exim MTA "sign" the message with DKIM
on its way to the smarthost.
I don't doubt that other people have different setups.
Some will need this configuration fixed, some will not.
But before google started enforcing SPF/DKIM/DMARC earlier this year,
my smarthost routing approach could succeed without complications.
Now it needs DKIM. Fortunately I could make that work -- after applying
a local patch to fix this bug.
- Larry
More information about the Pkg-exim4-maintainers
mailing list