Page 1 of 1

Disable outgoing non spam signing to get a valid DKIM

Posted: 05 Mar 2018 18:24
by froman
Hello my friends, probably some of you have the same problem.

- I need to disable the signature for clean outgoing messages.
- why?
- because if you sign the clean outgoing messages the DKIM signature gets invalid when the email body is modified.

- why disable the signature only in outgoing messages?
- because I want the link that E.F.A puts in the footer of every incoming email, this way every user can report a message as spam.

so what is the problem?
- the E.F.A settings only has the option of enable or disable the signature on non spam messages (this affect all emails, incoming and outgoing messages), so if is enabled your DKIM signature gets invalid, and if it disable, you don't get the footer on the incoming messages to report messages as spam.


So this is the trick. it's very simple but I didn't find a guide or example of a working configuration.

1) the non spam signatures has to be enabled
- in the EFA-Configure
9) spam settings
1) non spam settings
- Do you want to DISABLE storing non spam ? [y/N/c]: N
- Do you want to DISABLE non spam signatures ? [y/N/c]: N

2) we need to change the signing rules of mailscanner to use the standar signature to all mails addresed to your domain "to: *@yourdomain.com" and all other mail with no signature

Go to the shell on the E.F.A an log as root (use your E.F.A admin password)

Code: Select all

$sudo su -

Code: Select all

#vim /etc/MailScanner/rules/sig.text.rules
replace:

Code: Select all

To: *@yourdomain.com /etc/MailScanner/reports/en/inline.sig.in.txt
To: default /etc/MailScanner/reports/en/inline.sig.out.txt
with:

Code: Select all

To: *@yourdomain.com /etc/MailScanner/reports/en/inline.sig.in.txt
To: default /dev/null

Code: Select all

#vim /etc/MailScanner/rules/sig.html.rules 
replace:

Code: Select all

To: *@yourdomain.com /etc/MailScanner/reports/en/inline.sig.in.html
To: default /etc/MailScanner/reports/en/inline.sig.out.html
with:

Code: Select all

To: *@yourdomain.com /etc/MailScanner/reports/en/inline.sig.in.html
To: default /dev/null

finally restart the mailscanner service

Code: Select all

#service mailscanner restart
PS: sorry about my english.

Re: Disable outgoing non spam signing to get a valid DKIM

Posted: 08 Mar 2018 15:23
by shawniverson

Re: Disable outgoing non spam signing to get a valid DKIM

Posted: 06 Dec 2018 04:03
by sunshinetech
You can also just delete the contents of the two files and not change any rules, that will also cause DKIM signing to work.

Re: Disable outgoing non spam signing to get a valid DKIM

Posted: 31 Jan 2019 06:19
by Rapid
Hi there, we are having same issue when there is HTML header appended dkim body hash cannot be verified. But email with plain/text content gets verified. As I suspect something was altering message content and causing change in hash. I have tried above provided solution but DKIM signing still doestnot work, even If I use EFA as outgoing SMTP server in my outlook.

Headers pasted below after doing mentioned changes:


------=_NextPart_000_002A_01D4B88B.6A2BD750
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

outlook test2




------=_NextPart_000_002A_01D4B88B.6A2BD750
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV=3D"Content-Type" CONTENT=
=3D"text/html; charset=3Dus-ascii"><meta name=3DGenerator content=3D"Micros=
oft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
=09{font-family:"Cambria Math";
=09panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
=09{font-family:Calibri;
=09panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
=09{margin:0in;
=09margin-bottom:.0001pt;
=09font-size:11.0pt;
=09font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
=09{mso-style-priority:99;
=09color:#0563C1;
=09text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
=09{mso-style-priority:99;
=09color:#954F72;
=09text-decoration:underline;}
span.EmailStyle17
=09{mso-style-type:personal-compose;
=09font-family:"Calibri","sans-serif";
=09color:windowtext;}
.MsoChpDefault
=09{mso-style-type:export-only;
=09font-family:"Calibri","sans-serif";}
@page WordSection1
=09{size:8.5in 11.0in;
=09margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
=09{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3D"#0563C1=
" vlink=3D"#954F72"><div class=3DWordSection1><p class=3DMsoNormal>outlook =
test2<o:p></o:p></p></div></body></html>

------=_NextPart_000_002A_01D4B88B.6A2BD750--