Score:5

Why doesn't dkim sign the letter?

fr flag

I have configured DKIM:

Dec 27 11:10:03 mailer opendkim[378]: OpenDKIM Filter v2.11.0 starting (args: -x /etc/opendkim.conf)
Dec 27 11:10:10 mailer postfix/postfix-script[551]: warning: symlink leaves directory: /etc/postfix/./makedefs.out
Dec 27 11:10:10 mailer postfix/postfix-script[719]: starting the Postfix mail system
Dec 27 11:10:10 mailer postfix/master[721]: daemon started -- version 3.4.13, configuration /etc/postfix

But the letters are not signed, I connect on port 25, there are no errors, tell me in which configuration file can there be problems? My key is being verified

opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: key loaded from /etc/postfix/dkim/mail.private
opendkim-testkey: checking key 'mail._domainkey.domain.com'
opendkim-testkey: key not secure
opendkim-testkey: key OK

Configured exactly as in this guide https://www.linuxbabe.com/mail-server/setting-up-dkim-and-spf

Please tell me which way to look and where I could be wrong with the settings. Thanks in advance to everyone!

grep Socket /etc/opendkim.conf ->

# Socket smtp://localhost
# ##  Socket socketspec
#Socket                  inet:8892@localhost
#Socket    inet:12301@localhost
Socket inet:8891@localhost
#Socket    local:/run/opendkim/opendkim.sock

sammy@mailer:~$ grep -e 8891 -e unix /etc/postfix/main.cf
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
jp flag
Does this answer your question? [opendkim-testkey: key not secure](https://serverfault.com/questions/1048491/opendkim-testkey-key-not-secure)
Paul avatar
cn flag
What is the output of `grep Socket /etc/opendkim.conf`?
Oleksandr avatar
fr flag
@Paul `# Socket smtp://localhost # ## Socket socketspec #Socket inet:8892@localhost #Socket inet:12301@localhost #Socket local:/run/opendkim/opendkim.sock`
Paul avatar
cn flag
Please [edit](https://serverfault.com/posts/1088302/edit) the question to include the output (it makes it easier to read because `opendkim` and indeed nearly all configuration files interpret new lines, and I don't know where the lines begin and end within a comment.)
Oleksandr avatar
fr flag
@Paul ok sorry)
Oleksandr avatar
fr flag
@Paul i updated the question
Paul avatar
cn flag
Please post the output of `grep -e 8891 -e unix /etc/posfix/main.cf`.
Oleksandr avatar
fr flag
@Paul i updated the question
Oleksandr avatar
fr flag
@Paul I am getting an error like this when posting a message `warning: connect to Milter service inet:localhost:8891: Connection refused`
Oleksandr avatar
fr flag
@Paul ^ I fixed this mistake by accidentally adding a number when editing socket
Oleksandr avatar
fr flag
@Paul Now I'm connecting to the socket, but the signature still does not happen
Paul avatar
cn flag
Let us [continue this discussion in chat](https://chat.stackexchange.com/rooms/132639/discussion-between-paul-and-oleksandr).
Score:6
cn flag

It appears you have accidentally missed the section in the tutorial titled "Connect Postfix to OpenDKIM", which configures OpenDKIM on Unix domain sockets instead of the default TCP configuration.

The postfix process is chrooted in /var/spool/postfix, so supporting Unix sockets requires creating a directory for the sockets with appropriate permissions:

sudo mkdir /var/spool/postfix/opendkim
sudo chown opendkim:postfix /var/spool/postfix/opendkim

Change the opendkim configuration to support domain sockets:

sudo nano /etc/opendkim.conf

Change to match:

#Socket inet:8891@localhost
Socket local:/var/spool/postfix/opendkim/opendkim.sock

Edit main.cf to support the configuration:

sudo nano /etc/postfix/main.cf

Change:

smtpd_milters = local:opendkim/opendkim.sock
non_smtpd_milters = $smtpd_milters

Restart both processes:

sudo systemctl restart opendkim postfix
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.