froxlor with dkimpy-milter

[veto]

Hi,

I'm trying to setup dkimpy-milter with frolxor.

The installation via apt-get in debian was quick.

The setup in foroxlor under DomainKey settings was successfully and i see all the needed files in  /etc/postfix/dkim/

in main.cf I added:

milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8892

 

and in master.cf i add:

smtp      inet  n       -       y       -       -       smtpd
  -o smtpd_milters=inet:localhost:8892
  -o milter_macro_daemon_name=VERIFYING

submission inet n       -       y       -       -       smtpd
   -o syslog_name=postfix/submission
   -o smtpd_tls_security_level=encrypt
   -o smtpd_sasl_auth_enable=yes
   -o milter_macro_daemon_name=ORIGINATING
   -o smtpd_milters=inet:localhost:8891

 

 

But when I send an email via a Sylpheed mail client, I cannot find yet any dkim entry in the mail header.

I cannot find much documentation about it.

for any help, thanks.

 

 

 

[d00p]

Well I don't know dkimpy-milter, what does it config look like? anything in the logfiles?

[veto]

config file:

etc # cat dkimpy-milter.conf
# This is a basic configuration that can easily be adapted to suit a standard
# installation. For more advanced options, see dkimpy-milter.conf(5) and/or
# /usr/share/doc/dkimpy-milter/examples/opendkim.conf.sample.

# Log to syslog
Syslog            yes

# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
UMask            007

# Sign for example.com with key in /etc/dkimkeys/dkim.key using
# selector '2007' (e.g. 2007._domainkey.example.com)
Domain            *
#KeyFile            /etc/mail/dkim.key
KeyFile                /etc/postfix/dkim/dkim1.priv
Selector        default
# Commonly-used options; the commented-out versions show the defaults.
#Canonicalization    relaxed/simple
Mode            sv
MacroList        dameon_name|ORIGINATING
MacroListVerify        daemon_name|VERIFYING
# Socket local:/var/run/dkimpy-milter/dkimpy-milter.sock
#
# ##  Socket socketspec
# ##
# ##  Names the socket where this filter should listen for milter connections
# ##  from the MTA.  Required.  Should be in one of these forms:
# ##
# ##  inet:port@address           to listen on a specific interface
# ##  inet:port                   to listen on all interfaces
# ##  local:/path/to/socket       to listen on a UNIX domain socket
#
Socket            inet:8892@localhost

##  PidFile filename
###      default /var/run/dkimpy-milter/dkimpy-milter.pid
###
###  Name of the file where the filter should write its pid before beginning
###  normal operations.
#
PidFile            /var/run/dkimpy-milter/dkimpy-milter.pid

##  Userid userid
###      default dkimpy-milter
###
###  Change to user "userid" before starting normal operation?  May include
###  a group ID as well, separated from the userid by a colon.
#
UserID            dkimpy-milter

 

the log  is recorded to /var/log/syslog and it's working

but no log of error or info when I try to send the email

[d00p]

Looks to me like you are using one fixed key for all domains (KeyFile /etc/postfix/dkim/dkim1.priv). From a very quick google search, you might want to look into the KeyTable and SigningTable setting (source: https://pypi.org/project/dkimpy-milter/)

[veto]

Yes, this was an issue. I needed to install the latest dkimpy-milter via backports to be able to use keytable and singingtable.

after I add a source backport i installed it with:

apt -t buster-backports install dkimpy-milter

 

but now it complains that the froxlor generated file like dkim-keys.conf is not compatible for the KeyTable. I also can not find any SigningTable for it.

 

When i switch to opendkim i'm getting similar issues.

 

 

 

[d00p]

Froxlor does not generate a specific config file for dkimpy...Just Key Files. You might need a small Script that does that