Jump to content
Froxlor Forum
  • 0

dkim using amavis (Debian Stretch)


df8oe

Question

I want to start dkim signing. I know that is not related to froxlor in secific but it may fail because of froxlor settings for postfix...

 

I have followed instructions I found here:

https://kb.kolabenterprise.com/guides/configure-dkim-signing-and-verification-using-amavis

There is no error to see in the logs, but messages are not signed. I tried to increase log_level of amavis and I cannot see there is any try to sing messages. Related per package for DKIM is installed and shown up correctly when amavis starts.

Any advice is highly welcome...

 

Best regards

df8oe

 

Link to comment
Share on other sites

4 answers to this question

Recommended Posts

  • 0
6 minutes ago, df8oe said:

but it may fail because of froxlor settings for postfix...

That's the beauty of froxlor, basically we just need the mysql virtual stuff to make postfix know about the users, the rest can be adjusted and modified to your needs.

You can try increasing the loglevels postfix and amavis should give you some hints why or why not it's not signing

Link to comment
Share on other sites

  • 0

I am little far now...

It seems that the lines

submission          inet        n       -       n       -       -       smtpd
    -o cleanup_service_name=cleanup_submission
    (...snip...)
    -o content_filter=smtp-amavis:[127.0.0.1]:10023

 

are not sufficient that postfix transfers outgoing mails via port 10023 to amavis. There is no traffic on this port when I send a mail - but identification for amavis to sign dkim is incoming on port 10023. What can override my setting for postfix?

 

Link to comment
Share on other sites

  • 0

Regarding port: there was a simple typo in postfix/master.cf in section "submission". Corrected now.

Additional info after I have cranked up log levels. Now I see these two lines in amavis log which may declare - but I do not understnad:

Aug  1 12:31:38 myserver amavis[31973]: (31973-01) dkim: candidate originators: From:<info@ballaballa.com>
Aug  1 12:31:38 myserver amavis[31973]: (31973-01) dkim: not signing, empty signing domain, From: <info@ballaballa.com>

Test if mail has to be signed is coming via port 10023. No other tests should be done. How can I disable domain based tests? I thought declaring a policy_bank is sufficient...
 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.


×
×
  • Create New...