OpenDKIM ekki undirritaður en engin villa
Ég hef sett upp opendkim (2.10) með postfix á Ubuntu 16.04 gestgjafa. Samkvæmt logum er allt í lagi (þ.e. engar villur) en ekki er verið að undirrita póst. Ég sé að postfix er að senda skilaboð til OpenDKIM (vegna þess að ég hætti með opendkim, postfix kvartar yfir því að það sé ekki til staðar), en ég hef engan sýnileika á OpenDKIM sjálfum.
Þetta er það skipulag sem ég hef:
opendkim .conf:
Canonicalization relaxed/relaxed
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
KeyTable refile:/etc/opendkim/KeyTable
LogWhy Yes
MinimumKeyBits 1024
Mode sv
PidFile /var/run/opendkim/opendkim.pid
SigningTable refile:/etc/opendkim/SigningTable
# Must agree with value in /etc/default/opendkim.
Socket inet:8891@localhost
## Postfix puts itself in a chroot jail and can't see this in the
## default location. So just use TCP.
# Socket local:/var/run/opendkim/opendkim.sock
Syslog Yes
SyslogSuccess Yes
TemporaryDirectory /var/tmp
UMask 022
UserID opendkim:opendkim
# Always oversign From (sign using actual From and a null From to prevent malicious
# signatures header fields (From and/or others) between the signer and the verifier)
OversignHeaders From
# Hashing Algorithm
SignatureAlgorithm rsa-sha256
# Auto restart when the failure occurs. CAUTION: This may cause a tight fork loops
AutoRestart Yes
Lykiltafla:
nantes-1.p27.eu p27.eu:mail:/etc/opendkim/p27.eu.key
Undirritunartafla:
*@p27.eu nantes-1.p27.eu
*@transport-nantes.com nantes-1.p27.eu
TrustedHosts:
127.0.0.1
postfix / main.cf:
# [...]
# OpenDKIM
smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = $smtpd_milters
milter_default_action = accept
# Postfix v3 so milter protocol 6 and not 2.
milter_protocol = 6
# There was a time, at least, when "auth_type" was not passed by default.
# I've not been able to determine if this still matters or not.
milter_mail_macros="i {mail_addr} {client_addr} {client_name} {auth_type} {auth_authen}"
Prófun:
Sending pósts leiðir ekki til neinna villna í annálunum, en skilaboðin eru ekki dkim-undirritaður. Þegar ég prófa á staðnum sé ég þetta:
[T] jeff@nantes-1:~ $ opendkim-testkey -d p27.eu -s mail -vvvv
opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: checking key 'mail._domainkey.p27.eu'
opendkim-testkey: key not secure
opendkim-testkey: key OK
[T] jeff@nantes-1:~ $ opendkim-testkey -d transport-nantes.com -s mail -vvv
opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: checking key 'mail._domainkey.transport-nantes.com'
opendkim-testkey: key not secure
opendkim-testkey: key OK
[T] jeff@nantes-1:~ $
Einhverjar uppástungur hvað ég hef gert rangt eða hvernig á að kemba frekar?
Viðbót: lausn
ubuntu 16.04 OpenDKIM lausnin hrygnir OpenDKIM þannig:
/usr/sbin/opendkim -x /etc/opendkim.conf -u opendkim -P /var/run/opendkim/ope dkim.pid -p inet:8891@localhost
Lausnin var til /etc/opendkim.conf frekar en /etc/opendkim/opendkim.conf . (Einhversstaðar myndi ég lesa /etc/opendkim/opendkim.conf , rétt eða rangt, og ég hef að eilífu lesið hvort tveggja eins.)
Решение OpenDKIM в Ubuntu 16.04 порождает OpenDKIM таким образом:
/usr/sbin/opendkim -x /etc/opendkim.conf -u opendkim \
-P /var/run/opendkim/ope dkim.pid -p inet:8891@localhost
Решение заключалось в использовании /etc/opendkim.conf, а не /etc/opendkim/opendkim.conf. (Где-то я читал /etc/opendkim/opendkim.conf, правильно или неправильно, и всегда после этого читал и то, и другое как одно и то же.)
Другими словами, это была комбинация известной ошибки в человеческом мозгу ( увидеть что-то близкое к правому и видеть одно и то же каждый раз после этого) и странное нарушение соглашения OpenDKIM (обычно создается подкаталог /etc/ вместо того, чтобы помещать файлы непосредственно в /etc/, особенно если вам позже понадобятся дополнительные файлы).