git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
DKIM: call ACL once for each signature matching the identity from dkim_verify_signers...
[exim.git]
/
doc
/
doc-docbook
/
spec.xfpt
diff --git
a/doc/doc-docbook/spec.xfpt
b/doc/doc-docbook/spec.xfpt
index 98986e0326404b05cf1414d057f1bfc350c82a99..cfee04ccd59fc90c52fe9cbf1d2fff9b326d25d4 100644
(file)
--- a/
doc/doc-docbook/spec.xfpt
+++ b/
doc/doc-docbook/spec.xfpt
@@
-11665,8
+11665,11
@@
contain the trailing slash. If &$config_file$& does not contain a slash,
.vindex "&$config_file$&"
The name of the main configuration file Exim is using.
.vindex "&$config_file$&"
The name of the main configuration file Exim is using.
+.vitem &$dkim_verify_status$& &&&
+Results of DKIM verification.
+For details see chapter &<<CHAPdkim>>&.
+
.vitem &$dkim_cur_signer$& &&&
.vitem &$dkim_cur_signer$& &&&
- &$dkim_verify_status$& &&&
&$dkim_verify_reason$& &&&
&$dkim_domain$& &&&
&$dkim_identity$& &&&
&$dkim_verify_reason$& &&&
&$dkim_domain$& &&&
&$dkim_identity$& &&&
@@
-38705,6
+38708,11
@@
dkim_verify_signers = $sender_address_domain:$dkim_signers
If a domain or identity is listed several times in the (expanded) value of
&%dkim_verify_signers%&, the ACL is only called once for that domain or identity.
If a domain or identity is listed several times in the (expanded) value of
&%dkim_verify_signers%&, the ACL is only called once for that domain or identity.
+.new
+If multiple signatures match a domain (or identity), the ACL is called once
+for each matching signature.
+.wen
+
Inside the &%acl_smtp_dkim%&, the following expansion variables are
available (from most to least important):
Inside the &%acl_smtp_dkim%&, the following expansion variables are
available (from most to least important):
@@
-38717,7
+38725,8
@@
an identity. This is one of the list items from the expanded main option
&%dkim_verify_signers%& (see above).
.vitem &%$dkim_verify_status%&
&%dkim_verify_signers%& (see above).
.vitem &%$dkim_verify_status%&
-A string describing the general status of the signature. One of
+Within the DKIM ACL,
+a string describing the general status of the signature. One of
.ilist
&%none%&: There is no signature in the message for the current domain or
identity (as reflected by &%$dkim_cur_signer%&).
.ilist
&%none%&: There is no signature in the message for the current domain or
identity (as reflected by &%$dkim_cur_signer%&).
@@
-38742,6
+38751,9
@@
hash-method or key-size:
set dkim_verify_status = fail
set dkim_verify_reason = hash too weak
.endd
set dkim_verify_status = fail
set dkim_verify_reason = hash too weak
.endd
+
+After all the DKIM ACL runs have completed, the value becomes a
+colon-separated list of the values after each run.
.wen
.vitem &%$dkim_verify_reason%&
.wen
.vitem &%$dkim_verify_reason%&