Hi all,
I am currently running into some issues with Postfix on my Amazon EC2
instance, not talking to OpenDKIM milter (also running on the same box).
I believe Postfix isn't following smtpd_milters/non_smtpd_milters
parameters. The reason is that no matter what port number I use (even
non-working/non-listening port), Postfix doesn't complain in the
mail.log. It simply picks up the mail and delivers without contacting
milters. Here is the sample request in the log
Mar 10 07:27:39 ip-xxxx opendkim[1668]: OpenDKIM Filter: mi_stop=1
Mar 10 07:27:39 ip-xxxx opendkim[1668]: OpenDKIM Filter v2.0.2
terminating with status 0, errno = 0
Mar 10 07:27:40 ip-xxxx opendkim[1802]: OpenDKIM Filter v2.0.2 starting
(args: -x /etc/opendkim.conf -u opendkim -P /var/run/opendkim/opendkim.pid)
Mar 10 07:37:17 ip-xxxx postfix/master[1779]: terminating on signal 15
Mar 10 07:37:17 ip-xxxx postfix/master[1927]: daemon started -- version
2.7.0, configuration /etc/postfix
Mar 10 07:37:24 ip-xxxx postfix/smtpd[1933]: connect from
localhost[127.0.0.1]
Mar 10 07:37:24 ip-xxxx postfix/smtpd[1933]: 56FC9982F0:
client=localhost[127.0.0.1]
Mar 10 07:37:24 ip-xxxx postfix/cleanup[1937]: 56FC9982F0:
message-id=<1331365044.4f5b04b440898@swift.generated>
Mar 10 07:37:24 ip-xxxx postfix/qmgr[1930]: 56FC9982F0:
from=<i...@coudora.com>, size=873, nrcpt=1 (queue active)
Mar 10 07:37:24 ip-xxxx postfix/smtpd[1933]: disconnect from
localhost[127.0.0.1]
Mar 10 07:37:24 ip-xxxx postfix/pipe[1938]: 56FC9982F0:
to=<sunnydeli...@umich.edu>, relay=aws-email, delay=0.64,
delays=0.13/0.02/0/0.49, dsn=2.0.0, status=sent (delivered via aws-email
service)
Mar 10 07:37:24 ip-xxxx postfix/qmgr[1930]: 56FC9982F0: removed
Now here is the main.cf under /etc/postfix
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = coudora.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = e.coudora.com, coudora.com, localhost.ec2.internal,
localhost
relayhost = email-smtp.us-east-1.amazonaws.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
#inet_interfaces = loopback-only
inet_protocols = all
default_transport = aws-email
smtpd_milters = inet:127.0.0.1:1234
non_smtpd_milters = inet:127.0.0.1:1234
milter_default_action = accept
And in case you are wondering, here is the excerpt config from master.cf
aws-email unix - n n - - pipe
flags=R user={omitted in email} argv=/{omitted}/ses-send-email.pl -r
-k /{omitted}/aws-credentials.txt -e
https://email.us-east-1.amazonaws.com -f ${sender} ${recipient}
Now I have been checking and double checking the main.cf config, and
can't seem to figure out why Postfix isn't talking to OpenDKIM. I assume
Postfix should throw some type of errors if it can't connect to milters?
Another thing to mention is running processes' uid & gid
~$ ps -eo uid,gid,args | grep postfix
0 0 /usr/lib/postfix/master
~$ ps -eo uid,gid,args | grep opendkim
108 116 /usr/sbin/opendkim -x /etc/opendkim.conf -u opendkim -P
/var/run/opendkim/opendkim.pid
As you can see, postfix is running as root, and 108 corresponds to
opendkim user. But they are running under different user groups. That
shouldn't cause problem right?
Hope you all have a great weekend as I am still banging my head against
this.
Thanks a bunch in advance!
Antony
