acl_smtp_rcpt = accept
acl_smtp_dkim = check_dkim
+acl_smtp_data = accept logwrite = ${authresults {$primary_hostname}}
+
+log_selector = +dkim_verbose
queue_only
queue_run_in_order
begin acl
check_dkim:
+.ifdef BAD
+ warn logwrite = ${lookup dnsdb{defer_never,txt=_adsp._domainkey.$dkim_cur_signer}{$value}{unknown}}
+.endif
.ifdef OPTION
warn condition = ${if eq {$dkim_algo}{rsa-sha1}}
condition = ${if eq {$dkim_verify_status}{pass}}
set dkim_verify_status = fail
set dkim_verify_reason = hash too weak
.endif
- accept
+ warn
logwrite = signer: $dkim_cur_signer bits: $dkim_key_length
+.ifndef STRICT
+ accept
+.endif
# End