trusteddomainproject / OpenARC

Open source ARC implementation
BSD 2-Clause "Simplified" License

Support KeyTable & SigningTable parameters #122

Open HLFH opened 4 years ago

HLFH commented 4 years ago

As @gene-git is saying, multiple Domain and KeyFile lines fail totally - only the last one is used for each.

Can you please support KeyTable and SigningTable just like OpenDKIM does?

It would be very useful when your mail server is used for several domains. In the meantime, the best is to disable OpenARC.

systemctl stop openarc
systemctl disable openarc
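
A small check for the "only the last Domain/KeyFile line is used" behaviour described above. This is an added example, not code from the OpenARC project: it assumes the usual openarc.conf layout of one `Key value` per line with `#` comments, and the sample configuration below is constructed.

```python
"""Added check (not part of OpenARC): flag repeated single-valued parameters in an
openarc.conf-style file, since the thread reports that with several Domain/KeyFile
lines only the last one takes effect."""

# Parameters the thread reports as "last one wins".
SINGLE_VALUED = ("Domain", "KeyFile")


def parse_conf(text):
    """Parse 'Key value' lines; '#' starts a comment (assumed format).
    Returns {key: [values in file order]} so duplicates stay visible."""
    seen = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split(None, 1)
        key = parts[0]
        value = parts[1].strip() if len(parts) > 1 else ""
        seen.setdefault(key, []).append(value)
    return seen


def effective_and_ignored(conf):
    """Return (effective, ignored): effective maps each key to its last value
    (what the daemon actually honours, per the thread); ignored lists the
    earlier Domain/KeyFile values that are silently dropped."""
    effective = {}
    ignored = []
    for key, values in conf.items():
        effective[key] = values[-1]
        if key in SINGLE_VALUED and len(values) > 1:
            ignored.extend((key, v) for v in values[:-1])
    return effective, ignored


# Constructed sample resembling the multi-domain setup from the thread.
SAMPLE = """\
# openarc.conf (constructed example)
Mode        sv
Domain      example.org        # first domain
KeyFile     /etc/openarc/example.org.private
Domain      example.net        # second domain: silently overrides the first
KeyFile     /etc/openarc/example.net.private
"""

if __name__ == "__main__":
    eff, dropped = effective_and_ignored(parse_conf(SAMPLE))
    for key, val in dropped:
        print(f"WARNING: {key} '{val}' is overridden; only '{eff[key]}' is used")
```

Run it against your real openarc.conf before enabling the service, so the seal is not silently produced under the wrong domain or key.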
xpunkt commented 4 years ago

HLFH wrote on 2019-12-16 09:35:

Multiple Domain and KeyFile lines fails totally - only the last one is used for each.

OpenARC does not need multiple domains for sealing that it passed your host at all; it basically just needs to sign so it can be verified that your host did see SPF pass and DKIM pass, nothing more or less.

OpenARC is not a poor man's DKIM signer.

minfrin commented 4 years ago

Having a similar problem understanding this.

I have a mailserver that handles 4 different domains, that need to support ARC, and there is no apparent way to handle more than one domain.

Most specifically, in the configuration I have there is an undocumented (in "man openarc.conf") option called "Domain", which according to the source code is mandatory:

https://github.com/trusteddomainproject/OpenARC/blob/0b955c3dad804c5ac04d231eb6da9ca86d5b1388/openarc/openarc.c#L4219

There is no obvious reason why there should be just one Domain, or what the domain should be set to. The FQDN of the mailserver? The domain of the mailserver? None of this makes sense.

maxfieb commented 3 years ago

+1 for supporting KeyTable / SigningTable or some other way of specifying more than one key and domain

OpenARC has a one-key limit, but then Postfix out of the box can have multiple mailhosts (instances) on a single server.

This is sort of going against the purpose of ARC, which is for multiple mailer instances to create an overall chain of trust: each mailer instance on a server needs to add its ARC signature based on its own mailer name (the mailer identity which other hosts will later verify in the DNS) to create the Authenticated Relay Chain; otherwise it's just AR.