First of all, sorry for my long post, but with less info I think I will not find a solution for my problem.
I recently migrated successfully from efa 3 to 4. My situation is as follows:
I have an internal mailserver, which is using the EFA server as outbound mail relay, and all incoming mail is also flowing through the efa to the internal mailserver. That is working correctly so far.
But now I am trying to get outbound DKIM signing to work, but until now all my efforts have failed.
I followed the instructions from jamerson (viewtopic.php?t=4111)
Installing opendkim was not necessary, however.
I ended up with the following configuration:
Code:
# ls -l /etc/opendkim/keys/mydomain.org/
-rw-------. 1 opendkim opendkim 887 Aug 27 22:52 default.private
-rw-------. 1 opendkim opendkim 327 Aug 27 22:52 default.txt
Code:
# cat /etc/opendkim.conf | grep -v "#" | grep -v "^$"
PidFile /var/run/opendkim/opendkim.pid
Mode sv
Syslog yes
SyslogSuccess yes
LogWhy yes
UserID opendkim:opendkim
Socket inet:8891@localhost
Umask 002
SendReports yes
SoftwareHeader yes
Canonicalization relaxed/relaxed
Domain mydomain.org
MinimumKeyBits 1024
KeyTable /etc/opendkim/KeyTable
SigningTable refile:/etc/opendkim/SigningTable
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrustedHosts
OversignHeaders From
Code:
# cat /etc/opendkim/KeyTable | grep -v "#" | grep -v "^$"
default._domainkey.mydomain.org mydomain.org:default:/etc/opendkim/keys/mydomain.org/default.private
Code:
[root@efa4 admin]# cat /etc/opendkim/SigningTable | grep -v "#" | grep -v "^$"
*@mydomain.org default._domainkey.mydomain.org
Code:
# cat /etc/opendkim/TrustedHosts | grep -v "#" | grep -v "^$"
127.0.0.1
::1
192.168.1.13
internalmail.mydomain.lan
server.mydomain.org
Code:
# tail /etc/postfix/main.cf | grep -v "#" | grep -v "^$"
masquerade_domains = mydomain.org
smtpd_milters = inet:localhost:8891, inet:localhost:8893, inet:127.0.0.1:33333
non_smtpd_milters = inet:localhost:8891, inet:localhost:8893
milter_default_action = accept
qmqpd_authorized_clients = 127.0.0.1 [::1]
message_size_limit = 133169152
mailbox_size_limit = 133169152
qmqpd_authorized_clients = 127.0.0.1 [::1]
enable_long_queue_ids = yes
error_notice_recipient = root
sender_canonical_maps = hash:/etc/postfix/sender_canonical
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
Code:
Aug 31 21:05:50 efa4 postfix/smtpd[114559]: connect from internalmail.mydomain.lan[192.168.1.13]
Aug 31 21:05:50 efa4 postfix/smtpd[114559]: Anonymous TLS connection established from internalmail.mydomain.lan[192.168.1.13]: TLSCDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Aug 31 21:05:50 efa4 postfix/smtpd[114559]: 4BgKRL66PkzDm4: client=internalmail.mydomain.lan[192.168.1.13]
Aug 31 21:05:50 efa4 postfix/cleanup[114569]: 4BgKRL66PkzDm4: message-id=<internalmail.5f4d4a0c.262d.4dbad9ed728eba27@internalmail.doornen
Aug 31 21:05:50 efa4 opendkim[117399]: 4BgKRL66PkzDm4: internalmail.mydomain.lan [192.168.1.13] not internal
Aug 31 21:05:50 efa4 opendkim[117399]: 4BgKRL66PkzDm4: not authenticated
Aug 31 21:05:50 efa4 opendkim[117399]: 4BgKRL66PkzDm4: no signature data
Aug 31 21:05:50 efa4 opendmarc[117371]: 4BgKRL66PkzDm4: SPF(mailfrom): gerrit@mydomain.org fail
Aug 31 21:05:50 efa4 opendmarc[117371]: 4BgKRL66PkzDm4: mydomain.org none
Aug 31 21:05:51 efa4 MSMilter[114567]: MailWatch: Whitelist refresh time reached
Aug 31 21:05:51 efa4 MSMilter[114567]: MailWatch: Starting up MailWatch SQL Whitelist
Aug 31 21:05:51 efa4 MSMilter[114567]: MailWatch: Read 12 whitelist entries
Aug 31 21:05:51 efa4 MSMilter[114567]: MailWatch: Blacklist refresh time reached
Aug 31 21:05:51 efa4 MSMilter[114567]: MailWatch: Starting up MailWatch SQL Blacklist
Aug 31 21:05:51 efa4 MSMilter[114567]: MailWatch: Read 6 blacklist entries
Aug 31 21:05:51 efa4 postfix/cleanup[114569]: 4BgKRL66PkzDm4: milter-discard: END-OF-MESSAGE from internalmail.mydomain.lan[192.16iggers DISCARD action; from=<gerrit@mydomain.org> to=<G.mydomain@gmail.nl> proto=ESMTP helo=<internalmail.mydomain.lan>
Aug 31 21:05:51 efa4 postfix/smtpd[114559]: disconnect from internalmail.mydomain.lan[192.168.1.13] ehlo=2 starttls=1 mail=1 rcpt=mmands=7
Aug 31 21:05:54 efa4 MailScanner[106047]: New Batch: Scanning 1 messages, 3631 bytes
Aug 31 21:05:54 efa4 MailScanner[106047]: Virus and Content Scanning: Starting
Aug 31 21:05:55 efa4 MailScanner[106047]: <A> tag found in message 4BgKRL66PkzDm4 from gerrit@mydomain.org
Aug 31 21:05:55 efa4 MailScanner[106047]: Spam Checks: Starting
Aug 31 21:05:55 efa4 MailScanner[106047]: Expired 2 records from the SpamAssassin cache
Aug 31 21:05:55 efa4 MailScanner[106047]: MailWatch: Whitelist refresh time reached
Aug 31 21:05:55 efa4 MailScanner[106047]: MailWatch: Starting up MailWatch SQL Whitelist
Aug 31 21:05:55 efa4 MailScanner[106047]: MailWatch: Read 12 whitelist entries
Aug 31 21:05:55 efa4 MailScanner[106047]: MailWatch: Blacklist refresh time reached
Aug 31 21:05:55 efa4 MailScanner[106047]: MailWatch: Starting up MailWatch SQL Blacklist
Aug 31 21:05:55 efa4 MailScanner[106047]: MailWatch: Read 6 blacklist entries
Aug 31 21:05:58 efa4 MailScanner[106047]: Requeue: 4BgKRL66PkzDm4 to 4BgKRV1q0hz5DHL
Aug 31 21:05:58 efa4 postfix/qmqpd[114581]: connect from localhost[127.0.0.1]
Aug 31 21:05:58 efa4 postfix/qmqpd[114581]: 4BgKRV22W5zDmD: client=localhost[127.0.0.1]
Aug 31 21:05:58 efa4 opendmarc[117371]: ignoring connection from localhost
Aug 31 21:05:58 efa4 postfix/cleanup[114569]: 4BgKRV22W5zDmD: message-id=<internalmail.5f4d4a0c.262d.4dbad9ed728eba27@internalmail.doornen
Aug 31 21:05:58 efa4 opendkim[117399]: 4BgKRV22W5zDmD: no signature data
Aug 31 21:05:58 efa4 postfix/qmqpd[114581]: disconnect from localhost[127.0.0.1]
Aug 31 21:05:58 efa4 postfix/qmgr[114558]: 4BgKRV22W5zDmD: from=<gerrit@mydomain.org>, size=4003, nrcpt=1 (queue active)
Aug 31 21:05:58 efa4 MailScanner[106047]: Uninfected: Delivered 1 messages
Aug 31 21:05:58 efa4 MailScanner[106047]: Deleted 1 messages from processing-database
Aug 31 21:05:58 efa4 MailScanner[106047]: MailWatch: Logging message 4BgKRL66PkzDm4 to SQL
Aug 31 21:05:58 efa4 MailScanner[113609]: MailWatch: 4BgKRL66PkzDm4: Logged to MailWatch SQL
Aug 31 21:05:58 efa4 postfix/smtp[114584]: 4BgKRV22W5zDmD: to=<G.mydomain@gmail.nl>, relay=hades62.gmail.nl[80.113.97.199]elays=0.21/0.05/0.18/0.1, dsn=2.0.0, status=sent (250 2.0.0 07VJ5wLJ012157-07VJ5wLL012157 Message accepted for delivery)
Aug 31 21:05:58 efa4 postfix/qmgr[114558]: 4BgKRV22W5zDmD: removed
Something that triggers me: opendkim does not see the internal mailserver as internal? Why? I tried some stuff, no results.
But with an eFa internal testmail it doesn't work either.
I don't know where to look anymore, does anyone have a clue?
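A triage script for the symptom described in the post, as an added example that is not part of the original post: it groups opendkim's log lines by queue ID and flags a client that was logged as "not internal" although its address appears in the trusted-hosts file. The inputs are constructed from the post's lines, the signed-message line and its queue ID are made up for contrast, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed inputs modelled on the post; the last log line (a signed message) is made up.
TRUSTED_HOSTS = "127.0.0.1\n::1\n192.168.1.13\ninternalmail.mydomain.lan\n"
SAMPLE_LOG = """\
Aug 31 21:05:50 efa4 opendkim[117399]: 4BgKRL66PkzDm4: internalmail.mydomain.lan [192.168.1.13] not internal
Aug 31 21:05:50 efa4 opendkim[117399]: 4BgKRL66PkzDm4: not authenticated
Aug 31 21:05:50 efa4 opendkim[117399]: 4BgKRL66PkzDm4: no signature data
Aug 31 21:05:58 efa4 opendkim[117399]: 4BgKRV22W5zDmD: no signature data
Aug 31 21:06:10 efa4 opendkim[117399]: 4BgKSZ00AAzEx1: DKIM-Signature field added (s=default, d=mydomain.org)
"""

DKIM_LINE = re.compile(r"opendkim\[\d+\]: (?P<qid>\w+): (?P<msg>.+)$")
NOT_INTERNAL = re.compile(r"\[(?P<ip>[0-9a-fA-F.:]+)\] not internal$")

def trusted_networks(text):
    """Return the IP/CIDR entries of a TrustedHosts-style file; hostnames are skipped."""
    nets = []
    for raw in text.splitlines():
        entry = raw.split("#", 1)[0].strip()
        try:
            if entry:
                nets.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            pass  # hostname or pattern entry, cannot be checked offline
    return nets

def dkim_report(log_text, trusted_text):
    """Per queue ID: signed or not, logged reasons, and whether a client that
    opendkim called 'not internal' is in fact listed in the trusted file."""
    nets = trusted_networks(trusted_text)
    report = {}
    for m in filter(None, map(DKIM_LINE.search, log_text.splitlines())):
        rec = report.setdefault(
            m["qid"], {"signed": False, "reasons": [], "listed_but_rejected": False})
        msg, ni = m["msg"], NOT_INTERNAL.search(m["msg"])
        if msg.startswith("DKIM-Signature field added"):
            rec["signed"] = True
        elif ni:
            rec["reasons"].append("not internal")
            rec["listed_but_rejected"] = any(ipaddress.ip_address(ni["ip"]) in n for n in nets)
        else:
            rec["reasons"].append(msg)
    return report

if __name__ == "__main__":
    for qid, rec in dkim_report(SAMPLE_LOG, TRUSTED_HOSTS).items():
        print(qid, rec)
```

A queue ID with `listed_but_rejected` set means the running opendkim did not apply the listed entry, so the check to make next is which trusted-hosts file and settings the daemon actually loaded.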