How to disable DKIM signing?

[moisseev]

What are the current DKIM default settings? How to disable DKIM signing? I have no dkim section in the rmilter configuration, but rmilter tries to sign outgoing messages.

May 11 10:00:53 mx rmilter[42724]: <d0aacc05bf>; cannot add signature for domain example.com: not found

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

[vstakhov]

I've increased the log level of this message just because I was too tired of mistakes that were done by users when configuring it.

[posledov]

Hello.

Similar lines appear for an incoming message, which is a response from the check-auth@verifier.port25.com

Jun 1 23:48:31 talk postfix/smtpd[11052]: connect from verifier.port25.com[38.95.177.125] Jun 1 23:48:32 talk rmilter[11026]: <859ad7d3ad>; cannot find key for domain verifier.port25.com at /etc/dkim/verifier.port25.com.mail.key Jun 1 23:48:32 talk rmilter[11026]: <859ad7d3ad>; cannot add signature for domain verifier.port25.com: not found Jun 1 23:48:32 talk postfix/smtpd[11052]: 2AA82535: client=verifier.port25.com[38.95.177.125]

In other cases (initial incoming message from foreign domain or reply to my message), such warnings are not observed

dkim {
    domain {
                key = /etc/dkim;
                domain = "*";
                selector = "mail";
        };
    header_canon = relaxed;
    body_canon = relaxed;
    sign_alg = sha256;
    auth_only = no;
};

Is this normal behavior, when rmilter tries to sign messages that are sent from foreign domains?

[moisseev]

Fixed with 5bad2eb0080e1c1efaa49b40dacbc35e3f6ec997