2

Is it at all possible, and how, to configure the Exim4 mail server to convert outgoing messages (or message parts) from 8bit encoding to Quoted-Printable (or Base64, although I'd prefer QP) before signing them with DKIM and transferring them?

We currently have a setup where messages containing 8bit parts get an invalid DKIM signature when arriving at the destination server because they are converted by an upstream server (which we have no control of) to Quoted-Printable. Unfortunately, we can't really complain about the behaviour of the upstream server because RFC4871 clearly states that it is the signing server that has to reencode the mail in the appropriate encoding before signing (see [RFC4871 section 5.3][1]):

In order to minimize the chances of such breakage, signers SHOULD convert the message to a suitable MIME content transfer encoding such as quoted-printable or base64 as described in MIME Part One [RFC2045] before signing.

I would therefore expect this conversion to be a basic function of any mail server supporting DKIM, but as far as I searched in the exim manuals, there is nothing like that. Is it any known solution to this issue? [1]: https://www.rfc-editor.org/rfc/rfc4871#section-5.3

Community
  • 1
Ale
  • 1,703
  • 17
  • 25

1 Answers1

0

The solution I currently found is to use the reformime command supplied with the maildrop tool, using the -r7 option, as an Exim transport filter.

Once maildrop is installed, it is enough to configure a transport filter on the SMTP transport(s) used by Exim to transfer mail to destination servers:

remote_smtp_smarthost:
  debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
  driver = smtp
# filter outgoing messages to convert 8-bit to Quoted-Printable when needed
  transport_filter = /usr/bin/reformime -r7

For our case, it was the 30_exim4-config_remote_smtp_smarthost config file as we are using a smarthost, for more standard servers without a smarthost this would be the 30_exim4-config_remote_smtp; you might also need to change other transports depending on the specific configuration you use.

reformime is a small tool written in pure C, and therefore is very lightweight and adds little overhead to mail processing. It however seems to need to buffer the whole in-transit message in memory for processing, so be careful if you have a very busy server with not much available RAM.

Ale
  • 1,703
  • 17
  • 25