Problems getting DKIM setup with postfix

Hey All, thanks in advance!
I get the following error when performing #service milter-opendkim start

from /var/log/maillog
Code:
Feb 16 12:35:16 www opendkim[20009]: OpenDKIM Filter: unknown port name port
Feb 16 12:35:16 www opendkim[20009]: OpenDKIM Filter: Unable to create listening socket on conn inet:port
Feb 16 12:35:16 www opendkim[20009]: smfi_opensocket() failed
Feb 16 12:35:16 www opendkim[20008]: exited with status 69, restarting

System - FreeBSD 11.0p7 IPFW w/SSHGuard

/usr/local/etc/postfix/main.cf
Code:
# postfix to use dkim milter
smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = $smtpd_milters
milter_default_action = accept
/usr/local/etc/mail/opendkim.conf
Code:
AutoRestart             Yes
AutoRestartRate         10/1h
LogWhy                  Yes
Syslog                  Yes
SyslogSuccess           Yes
Mode                    sv
Canonicalization        relaxed/simple
ExternalIgnoreList      refile:/usr/local/etc/mail/opendkim.trustedhosts
InternalHosts           refile:/usr/local/etc/mail/opendkim.trustedhosts
KeyTable                refile:/usr/local/etc/mail/opendkim.keytable
SigningTable            refile:/usr/local/etc/mail/opendkim.signingtable
SignatureAlgorithm      rsa-sha256
Socket                  inet:8891@127.0.0.1
PidFile                 /var/run/opendkim/opendkim.pid
UMask                   022
TemporaryDirectory      /var/tmp
/usr/local/etc/mail/opendkim.keytable (can I use the same domain key from the host for all the virtual domains?)
Code:
selector1._domainkey.sample.com sample.com:mail:/usr/local/etc/mail/host.sample.com.dkim.private
selector1._domainkey.virtualdomain.com virtualdomain.com:mail:/usr/local/etc/mail/host.sample.com.dkim.private
selector1._domainkey.virtualdomain2.com virtualdomain2.com:mail:/usr/local/etc/mail/host.sample.com.dkim.private
/usr/local/etc/mail/opendkim.signingtable
Code:
*@sample.com selector1._domainkey.sample.com
*@virtualdomain.com selector1._domainkey.virtualdomain.com
*@virtualdomain2.com selector1._domainkey.virtualdomain2.com
/usr/local/etc/mail/opendkim.trustedhosts
Code:
sample.com
virtualdomain.com
virtualdomain2.com
localhost
xxx.xxx.xxx.xxx
/usr/local/etc/IPFW.rules (setup for SSHGuard sh loads it on boot)
Code:
#opendkim
$cmd 00221 allow tcp from any to any dst-port 8891 out via $vif setup keep-state
$cmd 00222 allow tcp from any to me dst-port 8891 in via $vif setup keep-state
 
Your configuration is correct. But the error:
Code:
Feb 16 12:35:16 www opendkim[20009]: OpenDKIM Filter: unknown port name port
Feb 16 12:35:16 www opendkim[20009]: OpenDKIM Filter: Unable to create listening socket on conn inet:port
indicates that for some reason it is trying to find inet:port, so I would look for a typo in rc.conf.

Here is a useful script to generate domain keys. Keep in mind that I use my settings in /usr/local/etc/opendkim instead so you will need to modify that. I also run the service as opendkim user:

Code:
milteropendkim_enable="YES"
milteropendkim_uid="opendkim"

Code:
#!/bin/sh
# dkimgen: generate a DKIM key pair for one domain and register it with OpenDKIM.

if [ "$#" -eq 0 ]; then
    echo "No arguments supplied. Usage: dkimgen <domain>"
else
    domain=$1
    keydir=/usr/local/etc/opendkim/keys/$domain

    mkdir "$keydir"
    # Writes default.private (private key) and default.txt (DNS TXT record).
    opendkim-genkey -D "$keydir/" -d "$domain" -s default
    chown -R opendkim: "$keydir"
    mv "$keydir/default.private" "$keydir/default"
    # KeyTable entry: key name, then domain:selector:path to the private key.
    echo "default._domainkey.$domain $domain:default:$keydir/default" >> /usr/local/etc/opendkim/KeyTable
    # SigningTable entry: sign every sender at this domain with that key.
    echo "*@$domain default._domainkey.$domain" >> /usr/local/etc/opendkim/SigningTable
fi
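
The socket error in this thread comes down to the two daemons writing the same endpoint differently: OpenDKIM uses inet:port@host, Postfix uses inet:host:port. The script below is an added example, not part of either post: it normalises both forms, compares them, and rejects the literal inet:port seen in the log. The function names and temporary sample files are assumptions made for the example, and only the first smtpd_milters value is read.

```shell
#!/bin/sh
# Added example: compare the OpenDKIM and Postfix milter endpoints.
# OpenDKIM writes inet:port[@host]; Postfix writes inet:host:port.

# Print host:port for an OpenDKIM socket spec; return 2 for a non-numeric port.
opendkim_endpoint() {
    spec=${1#inet:}
    [ "$spec" != "$1" ] || return 1          # not an inet: socket
    port=${spec%%@*}
    case $spec in *@*) host=${spec#*@} ;; *) host='*' ;; esac   # no host = all interfaces
    # A name here is looked up in the services database; the literal
    # "port" from the log fails that lookup, so flag anything non-numeric.
    case $port in ''|*[!0-9]*) return 2 ;; esac
    printf '%s:%s\n' "$host" "$port"
}

# Print host:port for a Postfix inet milter spec.
postfix_endpoint() {
    spec=${1#inet:}
    [ "$spec" != "$1" ] || return 1
    case $spec in *:*) ;; *) return 2 ;; esac  # Postfix needs host:port
    host=${spec%:*}; port=${spec##*:}
    case $port in ''|*[!0-9]*) return 2 ;; esac
    printf '%s:%s\n' "$host" "$port"
}

# First value of "Key value" (opendkim.conf) or "key = value" (main.cf).
conf_value() {
    awk -v k="$1" '$1 == k { print ($2 == "=" ? $3 : $2); exit }' "$2"
}

# $1 = opendkim.conf, $2 = main.cf
check_milter_sockets() {
    d=$(opendkim_endpoint "$(conf_value Socket "$1")") ||
        { echo "OpenDKIM Socket is not a usable inet:port@host"; return 1; }
    p=$(postfix_endpoint "$(conf_value smtpd_milters "$2")") ||
        { echo "smtpd_milters is not a usable inet:host:port"; return 1; }
    [ "$d" = "$p" ] || { echo "mismatch: opendkim=$d postfix=$p"; return 1; }
    echo "ok: both sides use $d"
}

# Constructed sample files holding the two values posted in the thread.
demo_dir=$(mktemp -d)
printf 'Socket                  inet:8891@127.0.0.1\n' > "$demo_dir/opendkim.conf"
printf 'smtpd_milters = inet:127.0.0.1:8891\n' > "$demo_dir/main.cf"
check_milter_sockets "$demo_dir/opendkim.conf" "$demo_dir/main.cf"
opendkim_endpoint "inet:port" || echo "inet:port rejected (status $?)"
rm -rf "$demo_dir"
```

opendkim_endpoint can also be given any socket value the rc script ends up passing to the daemon, which is where the reply suggests looking.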
 