Re: OpenDKIM but no log of postfix milter running or trying to run

Wed, 14 Oct 2020 05:09:02 -0700 

Set "milter_default_action" to "reject", reload postfix, and try to send
mail.
You should probably get some errors in maillog.
Check your syslog config, to make sure opendkim logs are also written.

Check your dkim is running (telnet 127.0.0.1 8891).

Btw, I have not set "milter_mail_macros" explicitly.
The default on my system is "milter_mail_macros = i {auth_type}
{auth_authen} {auth_author} {mail_addr} {mail_host} {mail_mailer}" and it
works.


On Wed, Oct 14, 2020 at 1:27 PM Jeff Abrahamson <j...@p27.eu> wrote:

> I've set up OpenDKIM.  I've noted the config below, but the basic issue is
> that my mails aren't being DKIM signed and my logs, while showing no
> mail-related errors, also don't show any evidence of milters running or
> trying to run.  So I'm suspecting postfix config error rather than
> opendkim.  So far all doc reading and googling is leading me nowhere
> immediately helpful.
>
> I'm trying to figure out what's wrong or at least how to debug it
> further.  (This is all on ubuntu 16.04.6 LTS.  I sadly need to get this
> working before I can spend the time to transition us to a 20.04 host.)
> Postfix is v 3.1.0, opendkim is 2.10.3.
>
> This is the relevant config I've added to my /etc/postfix/main.cf:
>
> smtpd_milters           = inet:127.0.0.1:8891
> non_smtpd_milters       = $smtpd_milters
> milter_default_action   = accept
> milter_protocol         = 6
> # Appears default doesn't include {auth_type}.
> # Cf. http://www.opendkim.org/opendkim.8.html
> milter_mail_macros="i {mail_addr} {client_addr} {client_name} {auth_type}
> {auth_authen}"
>
> The OpenDKIM config is this:
>
> Canonicalization        relaxed/relaxed
> ExternalIgnoreList      refile:/etc/opendkim/TrustedHosts
> InternalHosts           refile:/etc/opendkim/TrustedHosts
> KeyTable                refile:/etc/opendkim/KeyTable
> LogWhy                  Yes
> # MilterDebug        0
> MilterDebug        1
> MinimumKeyBits          1024
> Mode                    sv
> PidFile                 /var/run/opendkim/opendkim.pid
> SigningTable            refile:/etc/opendkim/SigningTable
> # Must agree with value in /etc/default/opendkim.
> Socket                  inet:8891@localhost
> Syslog                  Yes
> SyslogSuccess           Yes
> TemporaryDirectory      /var/tmp
> UMask                   022
> UserID                  opendkim:opendkim
> OversignHeaders         From
> SignatureAlgorithm      rsa-sha256
> AutoRestart             Yes
>
> KeyTable is
>
> nantes-1.p27.eu   p27.eu:mail:/etc/opendkim/p27.eu.key
>
> SigningTable is
>
> *@p27.eu                 nantes-1.p27.eu
> *@transport-nantes.com   nantes-1.p27.eu
>
> and TrustedHosts (which may not be needed) is
>
> 127.0.0.1
>
> Any suggestions?
>
> --
> Jeff Abrahamson
> +33 6 24 40 01 57
> +44 7920 594 255
> http://p27.eu/jeff/http://transport-nantes.com/
>
>

Reply via email to