Difference between revisions of "Srs domain, srs hash algorithm, srs maxage, srs secrets MTA Options"

From Messaging Server Technical Reference Wiki
Jump to: navigation, search
m (Bulk update)
m (Bulk update)
Line 19: Line 19:
  
 
See also:
 
See also:
* [[Error_text MTA options#error_text_srs_syntax|error_text MTA options]]
+
* [[Error_text MTA options#error_text_srs_syntax|error_text_srs_syntax MTA Option]]
* [[Error_text MTA options#error_text_srs_timeout|error_text MTA options]]
+
* [[Error_text MTA options#error_text_srs_timeout|error_text_srs_timeout MTA Option]]
* [[Error_text MTA options#error_text_srs_badhash|error_text MTA options]]
+
* [[Error_text MTA options#error_text_srs_badhash|error_text_srs_badhash MTA Option]]
 
* [[SRS MTA options#SRS_MTA_options|SRS MTA options]]
 
* [[SRS MTA options#SRS_MTA_options|SRS MTA options]]
 
[[Category: MTA]]
 
[[Category: MTA]]
 
[[Category: Reference]]
 
[[Category: Reference]]

Revision as of 23:16, 29 March 2015



Sender Rewriting Scheme (SRS) controls (srs_domain, srs_maxage, srs_secrets)

srs_domain (domain-name)

(New in MS 6.3-1.04.) The srs_domain MTA option must be set to the domain to use in SRS addresses. Email sent to this domain must always be routed to a system capable of SRS operations for the domain. SRS processing is handled as an overlay on top of normal address processing so nothing prevents a site from using their primary domain as the SRS domain.

srs_maxage (integer)

(New in MS 6.3-1.04.) The srs_maxage MTA option optionally specifies the number of days before an SRS address times out. The default if the option isn't specified is 14 days.

srs_secrets (comma-separated list of strings)

(New in MS 6.3-1.04.) The srs_secrets MTA option takes as argument a comma separated list of secret keys used to encode and decode SRS addresses. The first key on the list is used unconditionally for encoding. For decoding, each key is tried in order to generate a different hash value. The decoding operation proceeds if any of the hashes match. The ability to use multiple keys makes it possible to change secrets without service disruption: Add a second key, wait for all previously issued addresses to time out, and then remove the first key.


See also: