df8oe Posted August 1, 2019 Share Posted August 1, 2019 I want to start dkim signing. I know that is not related to froxlor in secific but it may fail because of froxlor settings for postfix... I have followed instructions I found here: https://kb.kolabenterprise.com/guides/configure-dkim-signing-and-verification-using-amavis There is no error to see in the logs, but messages are not signed. I tried to increase log_level of amavis and I cannot see there is any try to sing messages. Related per package for DKIM is installed and shown up correctly when amavis starts. Any advice is highly welcome... Best regards df8oe Link to comment Share on other sites More sharing options...
0 d00p Posted August 1, 2019 Share Posted August 1, 2019 6 minutes ago, df8oe said: but it may fail because of froxlor settings for postfix... That's the beauty of froxlor, basically we just need the mysql virtual stuff to make postfix know about the users, the rest can be adjusted and modified to your needs. You can try increasing the loglevels postfix and amavis should give you some hints why or why not it's not signing Link to comment Share on other sites More sharing options...
0 df8oe Posted August 1, 2019 Author Share Posted August 1, 2019 I am little far now... It seems that the lines submission inet n - n - - smtpd -o cleanup_service_name=cleanup_submission (...snip...) -o content_filter=smtp-amavis:[127.0.0.1]:10023 are not sufficient that postfix transfers outgoing mails via port 10023 to amavis. There is no traffic on this port when I send a mail - but identification for amavis to sign dkim is incoming on port 10023. What can override my setting for postfix? Link to comment Share on other sites More sharing options...
0 df8oe Posted August 1, 2019 Author Share Posted August 1, 2019 Regarding port: there was a simple typo in postfix/master.cf in section "submission". Corrected now. Additional info after I have cranked up log levels. Now I see these two lines in amavis log which may declare - but I do not understnad: Aug 1 12:31:38 myserver amavis[31973]: (31973-01) dkim: candidate originators: From:<info@ballaballa.com> Aug 1 12:31:38 myserver amavis[31973]: (31973-01) dkim: not signing, empty signing domain, From: <info@ballaballa.com> Test if mail has to be signed is coming via port 10023. No other tests should be done. How can I disable domain based tests? I thought declaring a policy_bank is sufficient... Link to comment Share on other sites More sharing options...
0 df8oe Posted August 1, 2019 Author Share Posted August 1, 2019 Maybe there is an understanding problem how dkim has to work. I will go to "German discussion" because that makes it easier for me Link to comment Share on other sites More sharing options...
Question
df8oe
I want to start dkim signing. I know that is not related to froxlor in secific but it may fail because of froxlor settings for postfix...
I have followed instructions I found here:
https://kb.kolabenterprise.com/guides/configure-dkim-signing-and-verification-using-amavis
There is no error to see in the logs, but messages are not signed. I tried to increase log_level of amavis and I cannot see there is any try to sing messages. Related per package for DKIM is installed and shown up correctly when amavis starts.
Any advice is highly welcome...
Best regards
df8oe
Link to comment
Share on other sites
4 answers to this question
Recommended Posts