Re: opendkim/postfix: no signature for emails submitted through port 25

From: Murray S. Kucherawy <msk_at_blackops.org>
Date: Mon, 18 Mar 2013 07:10:17 -0700 (PDT)

On Mon, 18 Mar 2013, Patrick Proniewski wrote:
> An email submitted via webmail (hence being signed) leaves those traces:
>
> [34380753600] milter_negotiate: mta_actions=0x1ff, mta_flags=0x1fffff actions=0x111, flags=0x100702
> [34380753600] abort: cur 3 (8) new 11 (800) next 12018
>
> pretty sure the problem is not with libmilter.

In libmilter terms, a filter is told "abort" by the MTA when a message has
started processing, but some other filter has given a final action on the
message; the filter is being told to cancel processing. What this tells
me is that some other filter you're using might be the culprit.

Specifically, this looks like what's happening:

- MTA gets a new SMTP connection
- MTA connects to all of your filters, including opendkim
- MTA goes through option negotiation with all filters (this is the first
log line you pasted)
- some other filter decides traffic from this connection should be allowed
unfiltered
- MTA tells opendkim that the transaction is being aborted (and thus, of
course, the message isn't being signed)

It's also possible there's some kind of filtering whitelist in effect for
your webmail clients.

I suggest trying to get more information out of postfix.

-MSK
Received on Mon Mar 18 2013 - 14:10:48 PST

This archive was generated by hypermail 2.3.0 : Mon Mar 18 2013 - 14:18:02 PST