Re: Signing problems with OpenDKIM on Ubuntu

From: Jim Fenton <fenton_at_bluepopcorn.net>
Date: Mon, 22 Apr 2013 08:29:33 -0700

On 04/22/2013 01:24 AM, Murray S. Kucherawy wrote:
> On Sun, 21 Apr 2013, Jim Fenton wrote:
>> Here's everything from the mail log at the time of the message
>> submission/relay:
>>
>> Apr 21 11:02:48 kernel sm-mta[27061]: STARTTLS=server, relay=localhost
>> [127.0.0.1], version=TLSv1/SSLv3, verify=NO,
>> cipher=DHE-RSA-CAMELLIA256-SHA, bits=256/256
>> Apr 21 11:02:48 kernel sm-mta[27061]: AUTH=server, relay=localhost
>> [127.0.0.1], authid=fenton, mech=CRAM-MD5, bits=0
>> Apr 21 11:02:48 kernel sm-mta[27061]: r3LI2l4K027061:
>> from=<fenton_at_bluepopcorn.net>, size=422, class=0, nrcpts=1,
>> msgid=<517429C7.7020400_at_bluepopcorn.net>, proto=ESMTP, daemon=MSP-v6,
>> relay=localhost [127.0.0.1]
>> Apr 21 11:02:48 kernel dovecot: imap(fenton): Disconnected: Disconnected
>> in IDLE in=975 out=143400
>> Apr 21 11:02:49 kernel sm-mta[27064]: r3LI2l4K027061:
>> to=<fenton_at_oneid.com>, ctladdr=<fenton_at_bluepopcorn.net> (1000/1000),
>> delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=120422,
>> relay=mx1.emailsrvr.com. [173.203.2.36], dsn=2.0.0, stat=Sent (Ok:
>> queued as DF/D3-25440-6A924715)
>>
>> Nothing at all from the opendkim daemon. And I do see messages from
>> opendkim when I intentionally misconfigure something, as well as
>> messages from sm-mta when a header field is added.
>
> Well, I'm stumped. opendkim, even with LogWhy off, typically logs
> something per message unless syslogging is disabled altogether, but
> you have it explicitly enabled.
>
> The only thing I can think of now is that perhaps your syslog daemon
> is configured to log at "notice" or higher, and the LogWhy stuff gets
> written at "info" or "debug".

Good thought, I don't see anything in syslog configs to limit logging
that way. And some of these messages are from LogWhy, right?

Apr 21 07:50:56 kernel opendkim[23151]: r3LEosIT026155: no MTA name
match (host=kernel.bluepopcorn.net, MTA=MTA-v6)
Apr 21 07:50:56 kernel opendkim[23151]: r3LEosIT026155:
medusa.blackops.org [208.69.40.157] not internal
Apr 21 07:50:56 kernel opendkim[23151]: r3LEosIT026155: not authenticated
Apr 21 07:50:56 kernel opendkim[23151]: r3LEosIT026155: no signing
domain match for 'blackops.org'
Apr 21 07:50:56 kernel opendkim[23151]: r3LEosIT026155: no signing
subdomain match for 'blackops.org'



>
> If that's not the case, my next step would be to load it in gdb and
> start tracking a number of things down that way.

My gdb skills have atrophied considerably, but that sounds like the
right next step. I'll see what I can do.

-Jim
Received on Mon Apr 22 2013 - 15:29:16 PST

This archive was generated by hypermail 2.3.0 : Mon Apr 22 2013 - 15:36:02 PST