As my colleague suggested, from field can be set by mail user agents to exclude host from email address.
I tried it and of course it works and I don't need masquerading nor genericstable.
> Hello,
> I have run into a problem described in section Sendmail REWRITING FEATURES on http://www.opendkim.org/README:
> Due to the way the milter protocol is incorporated into the MTA, opendkim sees the headers before they are modified as required by those two features (MASQUERADE_AS and FEATURE(genericstable)).
> This means the DKIM signature is generated based on the headers originally
> injected by the mail client and not on the headers which are actually sent
> out by the MTA. As a result, the verifying agent at the receiver's side
> will be unable to verify the signature as the signed data and the received
> data don't match.
> The suggested solutions to this problem are:
> (1) Send mail with the headers already written as needed, obviating the
> need for these features (or just turn them off).
> (2) Have two MTAs set up, either on separate boxes or on the same box.
> The first MTA should do all of the rewriting (i.e. use these two
> features) and the second one should use opendkim to add the signature
> and do no rewriting at all.
> (3) Have multiple DaemonPortOptions lines in your configuration file. The
> first daemon port (port 25) does the header rewriting and then routes
> the message to the second port; the latter does no rewriting but does the
> signing and then sends the message on its way.
> Since I'm not an expert in Sendmail I have configured it with help of online tutorials and used masquerade to remove host from email address (to get an address to look like user@domain instead of u...@host.domain). Due to same reason (not being an expert), I have problems understanding suggestions above.
> Main question: What is the most elegant way to achieve host removal from email address without breaking OpenDKIM?
> Best regards,
> Mario
