1 Topic by AndreyEver (edited by AndreyEver 2025-02-13 22:10:34)

  • AndreyEver
  • Member
  • Offline
  • Registered: 2022-05-15
  • Posts: 32

Topic: DKIM: insert domain name in catch-all rule

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.7.2
- Deployed with iRedMail Easy or the downloadable installer?: Downloadable
- Linux/BSD distribution name and version: Debian 12
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes

====

There is catchall DKIM rule in docs:

@dkim_signature_options_bysender_maps = ({
    # catch-all (one dkim key for all domains)
    '.' => {d => 'mydomain.com',
            a => 'rsa-sha256',
            c => 'relaxed/simple',
            ttl => 30*24*3600 },
});

is there any way to use cath-all rule but dinamicaly  insert domain name instead of fixed one ('mydomain.com' )?

Thanks in advance.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by TiTo

  • TiTo
  • Member
  • Offline
  • Registered: 2021-08-29
  • Posts: 32

Re: DKIM: insert domain name in catch-all rule

AndreyEver wrote:

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.7.2
- Deployed with iRedMail Easy or the downloadable installer?: Downloadable
- Linux/BSD distribution name and version: Debian 12
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes

====

There is catchall DKIM rule in docs:

@dkim_signature_options_bysender_maps = ({
    # catch-all (one dkim key for all domains)
    '.' => {d => 'mydomain.com',
            a => 'rsa-sha256',
            c => 'relaxed/simple',
            ttl => 30*24*3600 },
});

is there any way to use cath-all rule but dinamicaly  insert domain name instead of fixed one ('mydomain.com' )?

Thanks in advance.

I think you need this https://docs.iredmail.org/sign.dkim.sig … omain.html

3 Reply by AndreyEver

  • AndreyEver
  • Member
  • Offline
  • Registered: 2022-05-15
  • Posts: 32

Re: DKIM: insert domain name in catch-all rule

TiTo wrote:

I think you need this https://docs.iredmail.org/sign.dkim.sig … omain.html

No.
I'm looking for solution to modify catch-all rule (from the link you provided)
in order to satisfy DKIM aligment and DO NOT add/remove domain names each time I added new to iRedMAILPro interface

I'm pretty sure it's not so hard to implement for iRedMailPro dev team

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,228

Re: DKIM: insert domain name in catch-all rule

AndreyEver wrote:

is there any way to use cath-all rule but dinamicaly  insert domain name instead of fixed one ('mydomain.com' )?

Why not use a dedicated DKIM key for each domain?
Same DKIM key for different domains with same DKIM domain name is ok, but same key for different domains with different domain names is NOT ok, because the DKIM key used to sign the message never match the one published on DNS record for different domain names.