Hello,
I have a small problem with my postfix/dkim setup:
- dkim properly sign every emails I send via my webmail frontend, crontab, or
the mail command from the server.
- dkim won't sign emails I send from my workstation to my server via an ssh
tunnel.
transcript for a webmail sending:
rack postfix/pickup[51760]: 32E681CC025: uid=80 from=<pat...@mydomain.tld>
rack postfix/cleanup[52839]: 32E681CC025:
message-id=<eec030e8a722c0c18ea83a504d776...@mail.mydomain.tld>
+ rack opendkim[50749]: 32E681CC025: DKIM-Signature header added (s=patpro,
d=mydomain.tld)
rack postfix/qmgr[29993]: 32E681CC025: from=<pat...@mydomain.tld>, size=994,
nrcpt=1 (queue active)
rack postfix/local[52842]: 32E681CC025: to=<pat...@mydomain.tld>,
orig_to=<r...@mydomain.tld>, relay=local, delay=0.21, delays=0.18/0/0/0.02,
dsn=2.0.0, status=sent (delivered to command: /usr/local/bin/procmail -a
"$EXTENSION")
rack postfix/qmgr[29993]: 32E681CC025: removed
transcript for a mail submitted via ssh tunnel:
rack postfix/smtpd[57044]: connect from localhost[127.0.0.1]
rack milter-greylist: (unknown id): Sender IP 127.0.0.1 and address
<pat...@mydomain.tld> are SPF-compliant, bypassing greylist
rack postfix/smtpd[57044]: NOQUEUE: client=localhost[127.0.0.1]
rack postfix/smtpd[57049]: connect from localhost[127.0.0.1]
rack postfix/smtpd[57049]: 5E0BE1CC020: client=localhost[127.0.0.1],
orig_client=localhost[127.0.0.1]
rack postfix/cleanup[57050]: 5E0BE1CC020:
message-id=<727d4403-ce21-4282-a3f3-0c056924c...@mydomain.tld>
rack postfix/smtpd[57049]: disconnect from localhost[127.0.0.1]
rack postfix/qmgr[29993]: 5E0BE1CC020: from=<pat...@mydomain.tld>, size=2220,
nrcpt=1 (queue active)
rack amavis[50721]: (50721-14) Passed CLEAN {RelayedInternal}, LOCAL
[127.0.0.1]:13772 [127.0.0.1] <pat...@mydomain.tld> -> <r...@mydomain.tld>,
Message-ID: <727d4403-ce21-4282-a3f3-0c056924c...@mydomain.tld>, mail_id:
0ha-G1TZRb7p, Hits: -3.4, size: 1712, queued_as: 5E0BE1CC020, 1762 ms
rack postfix/smtpd[57044]: proxy-accept: END-OF-MESSAGE: 250 2.0.0 from
MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 5E0BE1CC020;
from=<pat...@mydomain.tld> to=<r...@mydomain.tld> proto=ESMTP helo=<[127.0.0.1]>
rack postfix/local[57051]: 5E0BE1CC020: to=<pat...@mydomain.tld>,
orig_to=<r...@mydomain.tld>, relay=local, delay=0.06, delays=0.04/0/0/0.02,
dsn=2.0.0, status=sent (delivered to command: /usr/local/bin/procmail -a
"$EXTENSION")
rack postfix/qmgr[29993]: 5E0BE1CC020: removed
main.cf reads:
smtpd_milters = unix:/var/milter-greylist/milter-greylist.sock
inet:127.0.0.1:8891
non_smtpd_milters = inet:127.0.0.1:8891
and I have a before-queue content filter:
smtp inet n - n - 20 smtpd
-o smtpd_proxy_filter=127.0.0.1:10024
-o smtpd_client_connection_count_limit=10
-o smtpd_proxy_ehlo=amavis-at-mydomain.tld
-o disable_mime_output_conversion=yes
127.0.0.1:10025 inet n - n - - smtpd
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=
-o mynetworks=127.0.0.0/8
-o receive_override_options=no_unknown_recipient_checks
-o smtpd_milters=
-o non_smtpd_milters=
Obviously I'm missing something here. The processing of an email that I feed
through the webmail (sitting on the same server as postfix), and the processing
of an email I feed through my email client on my workstation via an ssh tunnel
are very different.
On workstation side, I'm using an on demand tunnel, everything is piped into nc
targeting localhost:25.
Any idea that would allow DKIM to sign emails I'm sending via my ssh tunnel?
Patrick
