> On Apr 9, 2019, at 2:08 PM, James Moe wrote:
>
> Had I set "debug_peer_level" to 0 (zero), would that have prevented
> the verbose output as well?
No. A value that is zero or less raises a fatal error. The correct
way to disable peer-specific debug logging is to clear the debug
peer list.
On 09/04/2019 10.27 AM, Wietse Venema wrote:
> That's DEBUG-PEER-LIST, not DEBUG-PEER-LEVEL.
>
Ah. My confusion.
Had I set "debug_peer_level" to 0 (zero), would that have prevented
the verbose output as well?
--
James Moe
moe dot james at sohnen-moe dot com
520.743.3936
Think.
signature.a
James Moe:
Checking application/pgp-signature: FAILURE
-- Start of PGP signed section.
> On 08/04/2019 10.55 AM, Viktor Dukhovni wrote:
>
> > Set "debug_peer_list" empty. Also remove any "-v" flags in master.cf,
That's DEBUG-PEER-LIST, not DEBUG-PEER-LEVEL.
Wietse
On 08/04/2019 10.55 AM, Viktor Dukhovni wrote:
> Set "debug_peer_list" empty. Also remove any "-v" flags in master.cf,
> and don't start postfix with "postfix -v start" (a restart may be
> required if that was the case).
>
I did all that. The output is still highly verbose.
After commenting "
On Tuesday, April 09, 2019 08:50:52 AM Bill Cole wrote:
> On 9 Apr 2019, at 5:36, Ntek, SIA Janis wrote:
> > What's your key-size?
> > My DNS provider does not support 2048, I found it out the hard way.
>
> Note that this is usually due to a 255-character limit on a single
> string in a TXT record
Gary Smith:
> Here is where I'm at:
> I have setup an advanced filter on localhost:10026
> I have testing the filter to make sure it will indeed relay the email (with
> sender/network validation)
>
> I think my final step, and where my confusion is, is how to drop
> the email from my content filt
On 9 Apr 2019, at 5:36, Ntek, SIA Janis wrote:
What's your key-size?
My DNS provider does not support 2048, I found it out the hard way.
Note that this is usually due to a 255-character limit on a single
string in a TXT record. This is because the character-string type in DNS
is defined as a
* SIA Janis Ntek:
> Why do use
> > inet:localhost:8891
> Instead of a socket?
Probably because the above stream socket is, unfortunately, what is to
this day used in both opendkim.conf.simple and opendkim.conf.sample in
the source code, although a domain socket would be safer in terms of
access r
Hi, not sure my SOP will help you but here it is and it does work.
https://linux.uits.uconn.edu/dkim-review-of-all-aspects/
Your logs will be the best place to find problems.
Good Luck.
-ANGELO FAZZINA
ang...@uconn.edu
University of Connecticut, ITS, SSG, Server Systems
860-486-9075
-Orig
Apr 9 09:40:14 rx200 mail.info opendkim[4396]: C03DE1014429:
foobar.example.com [192.0.2.10] not internal
It seems that the domain you want to sign is not in the KeyTable or
SigningTable! Note that if you put "refile:" before config file path in
/etc/opendkim.conf the syntax changes!
If
Si
‐‐‐ Original Message ‐‐‐
On Tuesday, April 9, 2019 9:40 AM, Jim P. wrote:
> On Tue, 2019-04-09 at 08:22 +, Laura Smith wrote:
>
> > OpenDKIM is not signing my mails.
>
> .
>
> > KeyTable /etc/opendkim/KeyTable
>
> I think this should be:
>
> KeyTable refile:/etc/ope
What's your key-size?
My DNS provider does not support 2048, I found it out the hard way. 1024
seems to be the most popular size and google demands at least 1024.
Ounce you get the signing working you can regen a 2048 and check if you
can feed it in DNS TXT, but for first testing stick to 1024
The linke of linode, but transformed in a script for Debian 9.
https://github.com/thctlo/debian-scripts/blob/master/setup-opendkim-postfix.sh
Read it or use it. ( make backups first ).
Its tested on a clean setup, but if you read through the script you see
everything thats needed to fix this.
Why do use
inet:localhost:8891
Instead of a socket?
I conf'ed it using this tutorial:
https://www.linode.com/docs/email/postfix/configure-spf-and-dkim-in-postfix-on-debian-8/
smtpd_milters = local:opendkim/opendkim.sock
non_smtpd_milters = local:opendkim/opendkim.sock
The sockets are relative p
On Tue, 9 Apr 2019 at 09:41, Jim P. wrote:
> On Tue, 2019-04-09 at 08:22 +, Laura Smith wrote:
> > OpenDKIM is not signing my mails.
> .
> > KeyTable/etc/opendkim/KeyTable
>
> I think this should be:
>
> KeyTablerefile:/etc/opendkim/KeyTable
>
>
> > Interna
On Tue, 2019-04-09 at 08:22 +, Laura Smith wrote:
> OpenDKIM is not signing my mails.
.
> KeyTable /etc/opendkim/KeyTable
I think this should be:
KeyTablerefile:/etc/opendkim/KeyTable
> InternalHosts refile:/etc/opendkim/TrustedHosts
Try using E
Based on the responses to my previous question about using OpenDKIM (quite what
"standards have not changed" has to do with software bugs makes no sense to me
!). However, having been told I'm stupid not to continue using software many
years old I thought I would suck it up and continue with Ope
17 matches
Mail list logo
