Difference between revisions of "Srs domain, srs hash algorithm, srs maxage, srs secrets MTA Options"

From Messaging Server Technical Reference Wiki
Jump to: navigation, search
m (Bulk update)
m (Bulk update)
Line 7: Line 7:
 
=== <code>srs_domain</code> (domain-name) ===
 
=== <code>srs_domain</code> (domain-name) ===
  
(New in  MS 6.3-1.04.)  The <code>srs_domain</code> MTA option  must be set to the domain to use in SRS addresses. Email sent to this domain must always be routed to a system capable of SRS operations for the domain. SRS processing is handled as an overlay on top of normal address processing so nothing prevents a site from using their primary domain as the SRS domain.  
+
(New in  JES MS 6.3-1.04.)  The <code>srs_domain</code> MTA option  must be set to the domain to use in SRS addresses. Email sent to this domain must always be routed to a system capable of SRS operations for the domain. SRS processing is handled as an overlay on top of normal address processing so nothing prevents a site from using their primary domain as the SRS domain.  
  
 
=== <code>srs_maxage</code> (integer) ===
 
=== <code>srs_maxage</code> (integer) ===
  
(New in  MS 6.3-1.04.)  The <code>srs_maxage</code> MTA option optionally specifies the number of  days before an SRS address times out. The default if the option isn&#x27;t specified is 14 days.  
+
(New in  JES MS 6.3-1.04.)  The <code>srs_maxage</code> MTA option optionally specifies the number of  days before an SRS address times out. The default if the option isn&#x27;t specified is 14 days.  
  
 
=== <code>srs_secrets</code> (comma-separated list of strings) ===
 
=== <code>srs_secrets</code> (comma-separated list of strings) ===
  
(New in  MS 6.3-1.04.)  The <code>srs_secrets</code> MTA option takes as argument  a comma separated list of secret keys used to encode and decode SRS addresses. The first key on the list is used unconditionally for encoding. For decoding, each key is tried in order to generate a different hash value. The decoding operation proceeds if any of the hashes match. The ability to use multiple keys makes it possible to change secrets without service disruption: Add a second key, wait for all previously issued addresses to time out, and then remove the first key.  
+
(New in  JES MS 6.3-1.04.)  The <code>srs_secrets</code> MTA option takes as argument  a comma separated list of secret keys used to encode and decode SRS addresses. The first key on the list is used unconditionally for encoding. For decoding, each key is tried in order to generate a different hash value. The decoding operation proceeds if any of the hashes match. The ability to use multiple keys makes it possible to change secrets without service disruption: Add a second key, wait for all previously issued addresses to time out, and then remove the first key.  
  
  

Revision as of 09:16, 16 May 2015



Sender Rewriting Scheme (SRS) controls (srs_domain, srs_maxage, srs_secrets)

srs_domain (domain-name)

(New in JES MS 6.3-1.04.) The srs_domain MTA option must be set to the domain to use in SRS addresses. Email sent to this domain must always be routed to a system capable of SRS operations for the domain. SRS processing is handled as an overlay on top of normal address processing so nothing prevents a site from using their primary domain as the SRS domain.

srs_maxage (integer)

(New in JES MS 6.3-1.04.) The srs_maxage MTA option optionally specifies the number of days before an SRS address times out. The default if the option isn't specified is 14 days.

srs_secrets (comma-separated list of strings)

(New in JES MS 6.3-1.04.) The srs_secrets MTA option takes as argument a comma separated list of secret keys used to encode and decode SRS addresses. The first key on the list is used unconditionally for encoding. For decoding, each key is tried in order to generate a different hash value. The decoding operation proceeds if any of the hashes match. The ability to use multiple keys makes it possible to change secrets without service disruption: Add a second key, wait for all previously issued addresses to time out, and then remove the first key.


See also: