SigningTable fetched from MySQL with dsn: feature problem
Hi all,
I have a MySQL database supporting configuration of my mail system (ubuntu+postfix+dovecot).
I tuned the mail accounts management (Postfix Admin v2.3.5) to feed the domain table with DKIM signatures when I declare a new one. So I use the DSN feature of OpenDKIM to fetch all the keys.
This is the suggested and working configuration :
SigningTable dsn:mysql://<user>:<pswd>_at_<host>/<db>/table=domain?keycol=domain?datacol=domain
KeyTable dsn:mysql://<user>:<pswd>_at_<host>/<db>/table=domain?keycol=domain?datacol=domain,selector,private_key
The problem of my specific case comes up since my account manager automatically declares a factice domain named « ALL ». Consequently this domain has no DKIM data and this really troubles OpenDKIM which won’t even initialize.
In the past days, I resolved this situation by adding a filter to the DSN :
SigningTable dsn:mysql://<user>:<pswd>_at_<host>/<db>/table=domain?keycol=domain?datacol=domain?filter='`private_key` NOT LIKE ""'
KeyTable dsn:mysql://<user>:<pswd>_at_<host>/<db>/table=domain?keycol=domain?datacol=domain,selector,private_key
This prevented OpenDKIM to prefetch unsupported domains.
Unfortunately, after a system upgrade from Ubuntu 13.10 to 14.04, this support has been broken and OpenDKIM (now v2.9.1-1) fails to initiate and run again.
In my SQL logs, I can see that « filter » is not applied to SigningTable :
SELECT domain,domain FROM domain
SELECT domain,selector,private_key FROM domain WHERE domain = 'ALL'
Then I tried to add the same filter sequence to the KeyTable string and this shows up in the logs (but this is not where I want it applied…) :
SELECT domain,domain FROM domain
SELECT domain,selector,private_key FROM domain WHERE domain = 'ALL' AND '`private_key` NOT LIKE ""'
I sure could trick the whole think by pretending ALL is a valid domain with DKIM data but this is truly ugly.
I couldn’t find enough sources to perfectly know how the DSN thing works and it’s been a pain to make it work in the first place. Now I’m totally confused.
Does any body has enough knowledge to help me restore the attended behavior ?
Thank you for your help
Julien P.
Received on Tue Jun 03 2014 - 08:36:56 PST
This archive was generated by hypermail 2.3.0
: Tue Jun 03 2014 - 08:45:00 PST