Okay, I took another look and now I understand why the author's change in 2.11 breaks DKIM signing in certain cases. The problem is that he added $msginfo->originating(c('originating')) to the end of load_policy_bank(), which seems like the right thing to do, except for certain kinds of policy bank, $msginfo isn't yet available when the policy bank is loaded, so the "originating" flag isn't even available yet to be set.
What that in mind, in lieu of patches (a) and (b), I've created a new patch, (c), which I believe is comprehensive and should be a good fix for all use cases. I'm running it now on my server and it's working perfectly:
--- amavisd-new.orig 2018-05-10 18:35:58.566308979 -0700
+++ amavisd-new 2018-05-15 18:09:57.749070821 -0700
@@ -33570,6 +33570,7 @@
my $allowed_hdrs = cr('allowed_added_header_fields');
my $from_str = join(', ', qquote_rfc2821_local(@rfc2822_from)); # logging
substr($from_str,100) = '[...]' if length($from_str) > 100;
+ $msginfo->originating(c('originating'));
if (!$allowed_hdrs || !$allowed_hdrs->{lc('DKIM-Signature')}) {
do_log(5, "dkim: inserting a DKIM-Signature header field disabled");
} elsif (!$msginfo->originating) {
Okay, I took another look and now I understand why the author's change in 2.11 breaks DKIM signing in certain cases. The problem is that he added $msginfo- >originating( c('originating' )) to the end of load_policy_bank(), which seems like the right thing to do, except for certain kinds of policy bank, $msginfo isn't yet available when the policy bank is loaded, so the "originating" flag isn't even available yet to be set.
What that in mind, in lieu of patches (a) and (b), I've created a new patch, (c), which I believe is comprehensive and should be a good fix for all use cases. I'm running it now on my server and it's working perfectly:
--- amavisd-new.orig 2018-05-10 18:35:58.566308979 -0700 added_header_ fields' ); rfc2821_ local(@ rfc2822_ from)); # logging $from_str, 100) = '[...]' if length($from_str) > 100; >originating( c('originating' )); hdrs->{ lc('DKIM- Signature' )}) { >originating) {
+++ amavisd-new 2018-05-15 18:09:57.749070821 -0700
@@ -33570,6 +33570,7 @@
my $allowed_hdrs = cr('allowed_
my $from_str = join(', ', qquote_
substr(
+ $msginfo-
if (!$allowed_hdrs || !$allowed_
do_log(5, "dkim: inserting a DKIM-Signature header field disabled");
} elsif (!$msginfo-