DKIM signing broken in Server 5.2 and later
| Originator: | michalm.mac | ||
| Number: | rdar://35070721 | Date Originated: | 19.10.2017 |
| Status: | Open | Resolved: | |
| Product: | Server | Product Version: | 5.4 |
| Classification: | Serious bug | Reproducible: | Always |
Summary:
I've configured amavisd in macOS Server to sign email with DKIM key.
Since Server 5.2 signing did not work anymore.
I was able to fix it by manually patching /Applications/Server.app/Contents/ServerRoot/usr/bin/amavisd
using advice from apple forums ->
https://discussions.apple.com/thread/7684786?start=0&tstart=0
After adding line 22852 $msginfo->originating(c('originating'));
signing works again.
Please fix this or create support article about proper DKIM configuration on macOS Server (or even better integrate this option into Server.app GUI).
Steps to Reproduce:
Configure amavisd to sign email using dkim. See configuration files in attachment.
=>
1. Generate DKIM key
mkdir -p /somedir/dkim
chown _amavisd /somedir/dkim
sudo -u _amavisd -H amavisd genrsa /somedir/domain.com 2048
chown root:_amavisd /somedir/domain.com.pem
chmod 640 /somedir/domain.com.pem
2. Add lines:
dkim_key('domain.com', 'default', '/somedir/domain.com.pem');
@dkim_signature_options_bysender_maps = ( { '.' => { ttl => 21*24*3600, c => 'relaxed/simple' } } );
$interface_policy{'10024'} = 'MYNETS';
3. Restart mail service
Expected Results:
DKIM signing should work.
Actual Results:
DKIM signing does not work until i patch amavisd as described in summary.
Version/Build:
Server 5.2
Server 5.3
Server 5.4
Configuration:
See configuration in attachment
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!