Configure Opendkim and Opendmarc using socket

[tochiwa94]

Hello everyone! After different EFA deployments and different mixed configurations, I am trying to configure the unix socket communication between postfix and opendkim, but everytime I found just problems or bugs. Let me explain:
default opendkim configuration:

Code: Select all

/etc/opendkim/opendkim.conf
Socket = local:/run/opendkim/opendkim.sock

Setting in postfix:

Code: Select all

smtpd_milters = local:/run/opendkim/opendkim.conf, (etc)

and after a

Code: Select all

systemctl restart opendkim postfix

I find these errors:

Code: Select all

antispam postfix/cleanup[4443]: warning: connect to Milter service local:/run/opendkim/opendkim.sock: Permission denied

Here what it says:

Code: Select all

ls -al /run/opendkim
drwxr-x---.	2 opendkim opendkim   80 Aug 22 18:36 .
drwxr-xr-x.	40 root	root	1060 Aug 22 18:36 ..
-rw-r--r--.	        1 opendkim opendkim	5 Aug 22 18:36 opendkim.pid
srwxrwx---.	1 opendkim opendkim	0 Aug 22 18:36 opendkim.sock

Any change that I make to ownership or permissions on the folder above, nothing changes. Only solution that I found online is to add postfix in opendkim group:

Code: Select all

usermod -aG opendkim postfix

But after that, suddenly MailScanner gives errors like:

Code: Select all

antispam MailScanner[7564]: Unable to openQMQP socket /var/spool/postfix/public/qmqp
antispam MailScanner[7564]: Unable to kick mesage /var/spool/MailScanner/milterout/4RVZYZ71VszG1mh, will retry soon

or

Code: Select all

antispam opendkim[7827]: Cannot open /var/spool/MailScanner/milterout/4RVZYZ71VszG1mh for relaying, will try again later

If I remove postfix from opendkim or opendmarc group, suddenly MailScanner errors disappear.
Note: I already tried using inet:localhost and it works flawlessly, but I wanted to try a different configuration, knowing that is more efficient when dealing with a ton of mails.
Thanks in advance.