I've set up OpenDKIM. I've noted the config below, but the basic issue
is that my mails aren't being DKIM signed and my logs, while showing no
mail-related errors, also don't show any evidence of milters running or
trying to run. So I'm suspecting postfix config error rather than
opendkim. So far all doc reading and googling is leading me nowhere
immediately helpful.
I'm trying to figure out what's wrong or at least how to debug it
further. (This is all on ubuntu 16.04.6 LTS. I sadly need to get this
working before I can spend the time to transition us to a 20.04 host.)
Postfix is v 3.1.0, opendkim is 2.10.3.
This is the relevant config I've added to my /etc/postfix/main.cf:
smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = $smtpd_milters
milter_default_action = accept
milter_protocol = 6
# Appears default doesn't include {auth_type}.
# Cf. http://www.opendkim.org/opendkim.8.html
milter_mail_macros="i {mail_addr} {client_addr} {client_name}
{auth_type} {auth_authen}"
The OpenDKIM config is this:
Canonicalization relaxed/relaxed
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
KeyTable refile:/etc/opendkim/KeyTable
LogWhy Yes
# MilterDebug 0
MilterDebug 1
MinimumKeyBits 1024
Mode sv
PidFile /var/run/opendkim/opendkim.pid
SigningTable refile:/etc/opendkim/SigningTable
# Must agree with value in /etc/default/opendkim.
Socket inet:8891@localhost
Syslog Yes
SyslogSuccess Yes
TemporaryDirectory /var/tmp
UMask 022
UserID opendkim:opendkim
OversignHeaders From
SignatureAlgorithm rsa-sha256
AutoRestart Yes
KeyTable is
nantes-1.p27.eu p27.eu:mail:/etc/opendkim/p27.eu.key
SigningTable is
*@p27.eu nantes-1.p27.eu
*@transport-nantes.com nantes-1.p27.eu
and TrustedHosts (which may not be needed) is
127.0.0.1
Any suggestions?
--
Jeff Abrahamson
+33 6 24 40 01 57
+44 7920 594 255
http://p27.eu/jeff/
http://transport-nantes.com/
