From 18067c75fc8494ce7968776cd61a1693d20d8380 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Wed, 8 Nov 2017 10:43:28 +0000 Subject: DKIM: call ACL once for each signature matching the identity from dkim_verify_signers. Bug 2189 --- doc/doc-docbook/spec.xfpt | 5 +++++ doc/doc-txt/ChangeLog | 4 ++++ 2 files changed, 9 insertions(+) (limited to 'doc') diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 1a7a7baa6..cfee04ccd 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -38708,6 +38708,11 @@ dkim_verify_signers = $sender_address_domain:$dkim_signers If a domain or identity is listed several times in the (expanded) value of &%dkim_verify_signers%&, the ACL is only called once for that domain or identity. +.new +If multiple signatures match a domain (or identity), the ACL is called once +for each matching signature. +.wen + Inside the &%acl_smtp_dkim%&, the following expansion variables are available (from most to least important): diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 4b3d64e0c..fd188a00a 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -182,6 +182,10 @@ JH/31 Fix CHUNKING code to properly flush the unwanted chunk after an error. Previously only that bufferd was discarded, resulting in SYMTP command desynchronisation. +JH/32 DKIM: when a message has multiple signatures matching an identity given + in dkim_verify_signers, run the dkim acl once for each. Previously only + one run was done. Bug 2189. + Exim version 4.89 ----------------- -- cgit v1.2.3