This article indicates the configuration steps that need to be taken in order to successfully sign the messages with DomainKeys, when the Domain Appender filter is also enabled.
Issue cause
If the Domain Appender filter, which modifies the message, is executed after the DomainKeys signer filter, the resulting messages will have invalid signature.
Solution
Correctly using the DomainKeys signer in conjunction with with the domain appender requires the filter priorities to be adjusted as for the message signature to be generated after the message was modified by the appender filter.
In order to achieve the correct configuration, a manual modification of the Axigen configuration file is required. The necessary steps are presented below:
In order to achieve the correct configuration, a manual modification of the Axigen configuration file is required. The necessary steps are presented below:
- open the Axigen configuration file in a text editor (Please consult this KB article for the exact location depending on the OS).
- locate the filter definition in the serverActiveFilters section. The filter definition should resemble the following: {
filterName = "DKSigner"
filterType = socket
priority = 2
applyOn = (local relay)
}
- set the filter priority to 351. Also, please ensure the the applyOn parameter is set to (relay) only. The resulting section should be: {
filterName = "DKSigner"
filterType = socket
priority = 351
applyOn = (relay)
}
- save the changes and restart Axigen
OS:
LinuxWindowsFreeBSDNetBSDOpenBSDSolaris
Distros:
WindowsDEB based distros amd64FreeBSD 7.x