EXIM Config: Does "Reject DKIM failures" pass domains with no DKIM

[phillbooth]

Hello in the "ACL Options" of the Exim Config does the "Reject DKIM failures" set to "on" also fail domains without a DKIM? As I would like domains with no DKIM to pass and only those with incorrect DKIM to fail.

Thanks

 

[cPanelMichael]

Hello in the "ACL Options" of the Exim Config does the "Reject DKIM failures" set to "on" also fail domains without a DKIM? As I would like domains with no DKIM to pass and only those with incorrect DKIM to fail.

Hello

Here's the entry that's added to your Exim configuration file when enabling the options to reject DKIM failures:

#BEGIN ACL_SMTP_DKIM_BLOCK
# BEGIN INSERT dkim_bl

  accept message = DKIM: Testing Mode
        condition = ${if bool{$dkim_key_testing}}

  deny message = DKIM: encountered the following problem validating $dkim_cur_signer: $dkim_verify_reason
       dkim_status = invalid:fail

  accept

# END INSERT dkim_bl

I believe the lack of the "none" entry on the "dkim_status" line indicates that senders with no DKIM record are not blocked. You can find the technical details of this option at:

57. Support for DKIM (DomainKeys Identified Mail)

Are you experiencing different results when testing?

Thank you.

 

[phillbooth]

great thanks replaceing

condition = ${if bool{$dkim_key_testing}}

with

condition = ${if eq {$dkim_verify_status}{none} {0}{${if bool{$dkim_key_testing}}}

seems to have worked

 

[cPanelMichael]

I am happy to see it's working as expected. Thank you for updating us with the outcome.