Re: Relating to Domains.. from N. on 2011-09-29 (OpenDKIM Users mailing list)

From: N. <visionary_at_gmail.com>
Date: Thu, 29 Sep 2011 03:16:03 -0400

Hmm interesting. In terms of Postfix, I inserted the lines from Steve's blog:

http://stevejenkins.com/blog/2010/09/how-to-get-dkim-domainkeys-identified-mail-working-on-centos-5-5-and-postfix-using-opendkim/

smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = $smtpd_milters
milter_default_action = accept
milter_protocol = 2

Think line #4 could be the problem? It says its "optional" in a way in
Steve's blog.

The thing is - Postfix isn't reporting anything to maillog either -
think its because I'm sending through the perl script to Amazon SES.
So I'm not sure how I should see what Postfix is "doing" ya know?

I wonder if there's another way to see if "packet filter is
interfering with socket communication" somehow. Nothing is in the
maillog - no errors - and the email is getting sent.

On Thu, Sep 29, 2011 at 1:30 AM, Murray S. Kucherawy <msk_at_blackops.org> wrote:
> [re-sending to the list]
>
> On Wed, 28 Sep 2011, N. wrote:
>>
>> [root_at_private ~]# cat strace.out
>> 26712 rt_sigtimedwait([HUP INT TERM], <unfinished ...>
>> 26711 rt_sigtimedwait([USR1], <unfinished ...>
>> 26710 select(4, [3], NULL, [3], {1, 441000}) = 0 (Timeout)
>> 26710 select(4, [3], NULL, [3], {5, 0}) = 0 (Timeout)
>> 26710 select(4, [3], NULL, [3], {5, 0}) = 0 (Timeout)
>> 26710 select(4, [3], NULL, [3], {5, 0}) = 0 (Timeout)
>> 26710 select(4, [3], NULL, [3], {5, 0}) = 0 (Timeout)
>> 26710 select(4, [3], NULL, [3], {5, 0}) = 0 (Timeout)
>
> Looks to me like postfix never made contact with opendkim. You would see a
> call to select() complete rather that timeout, and there would then be a
> call to accept() followed by a series of read()/recvfrom() and
> write()/sendto() calls as they communicate.
>
> Is it possible you have a packet filter interfering with socket
> communication? You should see some timeouts or other errors from the
> postfix side in that case as it tries but fails to reach the filter, or you
> might see activity in the packet filter's logs that show it's blocking the
> I/O from postfix.
>
> You might try using a UNIX domain socket rather than a TCP socket if that's
> the case, as these tend to bypass packet filters, such as this in
> opendkim.conf:
>
> Socket local:/var/run/opendkim/opendkim.sock
>
> ...and similar configuration on the postfix side. Just make sure the
> postfix process has permission to access the socket.
>
> -MSK
>
Received on Thu Sep 29 2011 - 07:16:18 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:20 PST