Loading ...
Sorry, an error occurred while loading the content.
 

Re: postfix / dkim: no signature for emails submitted through ssh tunnel

Expand Messages
  • patrick.proniewski@...
    Finally, after an interesting discussion over this issue on opendkim-users, I ve been able to google my way out, with a solution from Wietse:
    Message 1 of 5 , Mar 18, 2013
      Finally, after an interesting discussion over this issue on opendkim-users, I've been able to google my way out, with a solution from Wietse:

      <http://postfix.1071664.n5.nabble.com/Any-best-practices-for-stacking-filters-td51592.html>

      thanks,

      On 17 mars 2013, at 14:51, patrick.proniewski@... wrote:

      > On 17 mars 2013, at 00:38, Noel Jones wrote:
      >
      >> On 3/16/2013 2:51 PM, patrick.proniewski@... wrote:
      >>> Hello,
      >>>
      >>> I have a small problem with my postfix/dkim setup:
      >>>
      >>> - dkim properly sign every emails I send via my webmail frontend, crontab, or the mail command from the server.
      >>> - dkim won't sign emails I send from my workstation to my server via an ssh tunnel.
      >>
      >>
      >> Have you tried submitting mail from 127.0.0.1 via SMTP without the
      >> tunnel? I'm guessing that doesn't work either, meaning the question
      >> can be rephrased "works from non-smtpd, doesn't work with smtpd".
      >
      > I tried to telnet a mail, but DKIM won't sign it. Looks like you are right.
      >
      >
      >>> main.cf reads:
      >>>
      >>> smtpd_milters = unix:/var/milter-greylist/milter-greylist.sock inet:127.0.0.1:8891
      >>> non_smtpd_milters = inet:127.0.0.1:8891
      >>
      >> You should check your "postconf -n" output to see if it contains
      >> these same settings. The list welcome message asks for "postconf
      >> -n" output, not main.cf snippings.
      >
      > postconf -n appears to be correct (in a previous message).
      >
      >
      >> Assuming your dkim milter is on inet:127.0.0.1:8891, it appears to
      >> be included in both smtpd and non-smtpd mail.
      >
      > it is.
      >
      >> Since it's not working with smtpd mail, that strongly suggests a
      >> configuration problem with your dkim milter. Check your dkim
      >> configuration to make sure mail from localhost will be signed.
      >
      > I've suspected a conflict or interaction between milter-greylist and milter-opendkim, but disabling milter-greylist wouldn't change anything.
      > I'll check on the opendkim config side, but out of the box it's supposed to sign everything from localhost, and I've added every IP addresses of the server.
      > May be there's something on the MACRO side of the problem, not sure.
      >
      > thanks,
      > Patrick
    Your message has been successfully submitted and would be delivered to recipients shortly.