#1 Le 07/10/2017, à 10:35
- daniel1952
[résolu] ubuntu 17.10 postfix opendkim milter connection refused
Installation et fonctionnement postfix OK
Installation opendkim OK
Lors de l'envoie d'un message depuis thunderbird (avec utilisateur profil administrateur) sur le serveur j'ai le message dans syslog :
- > mail postfix/cleanup[10579]: warning: connect to Milter service inet:localhost:8891: Connection refused
Je n'arrive pas, malgré les articles parus sur ne net, à trouver.
Voici les fichiers de configuration :
[b]/etc/opendkim.conf -------------------------------------------------------------------------[/b]
[color=#121210]
Syslog yes
UMask 0002
OversignHeaders From
TrustAnchorFile /usr/share/dns/root.key
Domain mail.info-suivi.top
KeyFile /etc/postfix/dkim.key
Selector dkim
SOCKET inet:8891@localhost
/etc/postfix/main.cf
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no
compatibility_level = 2[/color]
[color=#121210]# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail.info-suivi.top
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, mail.info-suivi.top, localhost.info-suivi.top, , localhost
relayhost =
mynetworks = 127.0.0.0/8 192.168.1.0/24
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
home_mailbox = Maildir/
mailbox_command =[/color]
[color=#121210]bounce_template_file = /etc/postfix/bounce.cf[/color]
[color=#121210]# DKIM
# --------------------------------------
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891[/color]
[b]/etc/postfix/master.cf ------------------------------------------------------------------[/b]
[color=#121210]#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: [url]http://www.postfix.org/master.5.html)[/url].
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100)
# ==========================================================================
smtp inet n - y - - smtpd
#smtp inet n - y - 1 postscreen
#smtpd pass - - y - - smtpd
#dnsblog unix - - y - 0 dnsblog
#tlsproxy unix - - y - 0 tlsproxy
#submission inet n - y - - smtpd
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_tls_auth_only=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - y - - smtpd
# -o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
# -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters[/color]
[color=#121210]#628 inet n - y - - qmqpd
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
# mailbox_transport = lmtp:inet:localhost
# virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}[/color]
[b]/etc/dkim.key----------------------------------------------------------------------------- [/b]
[color=#121210]-rw------- 1 opendkim opendkim 1679 oct. 7 08:24 dkim.key[/color]
[b]service postfix status --------------------------------------------------------------------[/b]
[color=#121212]● postfix.service - Postfix Mail Transport Agent
Loaded: loaded (/lib/systemd/system/postfix.service; enabled; vendor preset: enabled)
Active: active (exited) since Sat 2017-10-07 10:06:35 CEST; 1min 47s ago
Process: 2526 ExecReload=/bin/true (code=exited, status=0/SUCCESS)
Process: 10233 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 10233 (code=exited, status=0/SUCCESS)[/color]
[color=#121212]oct. 07 10:06:35 mail.info-suivi.top systemd[1]: Starting Postfix Mail Transport Agent...
oct. 07 10:06:35 mail.info-suivi.top systemd[1]: Started Postfix Mail Transport Agent.
[/color]
[b]service opendkim status -------------------------------------------------------------[/b]
[color=#080808]● opendkim.service - OpenDKIM DomainKeys Identified Mail (DKIM) Milter
Loaded: loaded (/lib/systemd/system/opendkim.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2017-10-07 09:34:23 CEST; 35min ago
Docs: man:opendkim(8)
man:opendkim.conf(5)
man:opendkim-genkey(8)
man:opendkim-genzone(8)
man:opendkim-testadsp(8)
man:opendkim-testkey
[url]http://www.opendkim.org/docs.html[/url]
Process: 9127 ExecStart=/usr/sbin/opendkim -P /var/run/opendkim/opendkim.pid -p local:/var/run/opendkim/opendkim.sock (code=exited, status=0/SUCCESS)
Main PID: 9128 (opendkim)
Tasks: 6 (limit: 4915)
CGroup: /system.slice/opendkim.service
└─9128 /usr/sbin/opendkim -P /var/run/opendkim/opendkim.pid -p local:/var/run/opendkim/opendkim.sock[/color]
[color=#080808]oct. 07 09:34:23 mail.info-suivi.top systemd[1]: Starting OpenDKIM DomainKeys Identified Mail (DKIM) Milter...
oct. 07 09:34:23 mail.info-suivi.top systemd[1]: Started OpenDKIM DomainKeys Identified Mail (DKIM) Milter.
oct. 07 09:34:23 mail.info-suivi.top opendkim[9128]: OpenDKIM Filter v2.11.0 starting (args: -P /var/run/opendkim/opendkim.pid -p local:/var/run/opendkim/opendk
lines 1-19/19 (END)
[/color]
[b]SYSLOG ------------------------------------------------------------------------------------[/b]
Oct 7 10:13:17 mail systemd[1]: Starting Postfix Mail Transport Agent (instance -)...
Oct 7 10:13:17 mail postfix/postfix-script[10488]: warning: not owned by root: /etc/postfix/./dkim.key
Oct 7 10:13:17 mail postfix/postfix-script[10490]: warning: group or other writable: /etc/postfix/./dkim.key
Oct 7 10:13:17 mail postfix/postfix-script[10543]: starting the Postfix mail system
Oct 7 10:13:17 mail postfix/master[10545]: daemon started -- version 3.2.2, configuration /etc/postfix
Oct 7 10:13:17 mail systemd[1]: Started Postfix Mail Transport Agent (instance -).
Oct 7 10:13:17 mail systemd[1]: Starting Postfix Mail Transport Agent...
Oct 7 10:13:17 mail systemd[1]: Started Postfix Mail Transport Agent.
[b]After sending mail ------------------------------------------------------------------[/b]
Oct 7 10:17:33 mail postfix/pickup[10546]: 97639580053: uid=33 from=<webmestre@mail.info-suivi.top>
Oct 7 10:17:33 mail postfix/cleanup[10579]: warning: connect to Milter service inet:localhost:8891: Connection refused
Oct 7 10:17:33 mail postfix/cleanup[10579]: 97639580053: message-id=<MTc0MTI5NgWY0SI87JAMTUwNzM2NDI1Mzc3NjQ2@dga.info-suivi.top>
Oct 7 10:17:33 mail postfix/qmgr[10547]: 97639580053: from=<webmestre@mail.info-suivi.top>, size=18106, nrcpt=1 (queue active)
Oct 7 10:17:33 mail postfix/smtp[10581]: 97639580053: to=<web-pzdfe@mail-tester.com>, relay=mail-tester.com[94.23.206.89]:25, delay=0.29, delays=0.02/0/0.15/0.12, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as CC4369F7EB)
Oct 7 10:17:33 mail postfix/qmgr[10547]: 97639580053: removedModération : merci à l'avenir d'utiliser les balises code (explications ici).
Dernière modification par daniel1952 (Le 11/10/2017, à 22:36)
Hors ligne
#2 Le 09/10/2017, à 09:53
- koshieIsYourDaddy
Re : [résolu] ubuntu 17.10 postfix opendkim milter connection refused
Salut,
Quelques ressources supplémentaire sur OpenDKIM:
- https://wiki.debian.org/opendkim
- https://wiki.debian-fr.xyz/Opendkim
Quel est le programme qui écoute sur le port 8891 ?
netstat -taupen | grep 8891
Que disent les fichiers /var/log/mail.* ?
koshicalement
Hors ligne
#3 Le 09/10/2017, à 11:04
- daniel1952
Re : [résolu] ubuntu 17.10 postfix opendkim milter connection refused
Bonjour, merci pour les infos.
La commande netstat ne donne rien !
Voici la maillog rien sur mail.err
Oct 9 11:28:02 mail authdaemond: modules="authpam", daemons=5
Oct 9 11:28:02 mail authdaemond: Installing libauthpam
Oct 9 11:28:02 mail authdaemond: Installation complete: authpam
Oct 9 11:28:15 mail dovecot: master: Dovecot v2.2.27 (c0f36b0) starting up with out any protocols (core dumps disabled)
Oct 9 11:28:15 mail opendkim[1240]: OpenDKIM Filter v2.11.0 starting (args: -P /var/run/opendkim/opendkim.pid -p local:/var/run/opendkim/opendkim.sock)
Oct 9 11:28:15 mail postfix/postfix-script[1522]: starting the Postfix mail sys tem
Oct 9 11:28:15 mail postfix/master[1524]: daemon started -- version 3.2.2, conf iguration /etc/postfix
Oct 9 11:28:25 mail postfix/postfix-script[2482]: refreshing the Postfix mail s ystem
Oct 9 11:28:25 mail postfix/master[1524]: reload -- version 3.2.2, configuratio n /etc/postfix
Oct 9 11:32:07 mail postfix/pickup[2487]: 42164580351: uid=33 from=<webmestre@mail.info-suivi.top>
Oct 9 11:32:07 mail postfix/cleanup[2841]: warning: connect to Milter service inet:127.0.0.1:8891: Connection refused
Oct 9 11:32:07 mail postfix/cleanup[2841]: 42164580351: message-id=<Mzg0OTE3NQWY0SI92JAMTUwNzU0MTUyNzIxMTk4@dga.info-suivi.top>
Oct 9 11:32:07 mail postfix/qmgr[2488]: 42164580351: from=<webmestre@mail.info-suivi.top>, size=24842, nrcpt=1 (queue active)
Oct 9 11:32:07 mail postfix/smtp[2843]: 42164580351: to=<web-8pf5s@mail-tester.com>, relay=mail-tester.com[94.23.206.89]:25, delay=0.62, delays=0.01/0/0.16/0.44, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as C76909FB5C)
Oct 9 11:32:07 mail postfix/qmgr[2488]: 42164580351: removedJ'ai relu les deux liens et je pense être conforme.
D'avance merci pour ton aide.
Daniel
Hors ligne
#4 Le 09/10/2017, à 11:13
- koshieIsYourDaddy
Re : [résolu] ubuntu 17.10 postfix opendkim milter connection refused
Tape juste netstat -taupen dans ce cas et met ici le résultat.
Hors ligne
#5 Le 09/10/2017, à 11:51
- daniel1952
Re : [résolu] ubuntu 17.10 postfix opendkim milter connection refused
Voici le résultat de "netstat -taupen"
A+
root@mail:/home/dan# netstat -taupen
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 128 26309 1135/mysqld
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 0 26359 1430/smbd
tcp 0 0 0.0.0.0:5355 0.0.0.0:* LISTEN 102 25157 1127/systemd-resolv
tcp 0 0 0.0.0.0:5938 0.0.0.0:* LISTEN 0 27815 1297/teamviewerd
tcp 0 0 127.0.0.1:5939 0.0.0.0:* LISTEN 0 27816 1297/teamviewerd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 36765 1138/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 0 22458 831/cupsd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 30003 1524/master
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 0 26358 1430/smbd
tcp 0 0 127.0.0.1:5939 127.0.0.1:38187 ESTABLISHED 0 37995 1297/teamviewerd
tcp 0 0 127.0.0.1:44322 127.0.0.1:5939 ESTABLISHED 1000 67870 3042/TeamViewer_Des
tcp 0 64 192.168.1.219:22 192.168.1.240:56270 ESTABLISHED 0 43840 2749/sshd: dan [pri
tcp 36 0 192.168.1.219:50650 192.168.1.5:139 ESTABLISHED 1000 66560 3115/gvfsd-smb-brow
tcp 0 0 127.0.0.1:5939 127.0.0.1:44322 ESTABLISHED 0 69050 1297/teamviewerd
tcp 0 0 127.0.0.1:38187 127.0.0.1:5939 ESTABLISHED 1000 36158 1566/c:\TeamViewer\
tcp 0 0 192.168.1.219:59458 89.202.200.132:5938 ESTABLISHED 0 29512 1297/teamviewerd
tcp 0 0 192.168.1.219:49123 104.197.3.80:80 TIME_WAIT 0 0 -
tcp 0 0 192.168.1.219:52960 178.255.154.14:5938 ESTABLISHED 0 67191 1297/teamviewerd
tcp6 0 0 :::5355 :::* LISTEN 102 25160 1127/systemd-resolv
tcp6 0 0 :::139 :::* LISTEN 0 26357 1430/smbd
tcp6 0 0 :::143 :::* LISTEN 0 24071 911/couriertcpd
tcp6 0 0 :::80 :::* LISTEN 0 27770 1358/apache2
tcp6 0 0 :::5938 :::* LISTEN 0 27814 1297/teamviewerd
tcp6 0 0 :::21 :::* LISTEN 122 30201 1528/proftpd: (acce
tcp6 0 0 :::22 :::* LISTEN 0 36767 1138/sshd
tcp6 0 0 ::1:3350 :::* LISTEN 0 24536 1136/xrdp-sesman
tcp6 0 0 ::1:631 :::* LISTEN 0 22457 831/cupsd
tcp6 0 0 :::25 :::* LISTEN 0 30004 1524/master
tcp6 0 0 :::443 :::* LISTEN 0 27774 1358/apache2
tcp6 0 0 :::3389 :::* LISTEN 127 30495 1151/xrdp
tcp6 0 0 :::445 :::* LISTEN 0 26356 1430/smbd
tcp6 0 0 192.168.1.219:143 192.168.0.254:56564 ESTABLISHED 0 46700 2869/couriertls
tcp6 0 0 192.168.1.219:143 192.168.0.254:60958 ESTABLISHED 0 101850 3463/couriertls
udp 0 0 0.0.0.0:5353 0.0.0.0:* 111 21464 832/avahi-daemon: r
udp 0 0 0.0.0.0:5355 0.0.0.0:* 102 25156 1127/systemd-resolv
udp 0 0 0.0.0.0:60732 0.0.0.0:* 111 21466 832/avahi-daemon: r
udp 0 0 127.0.0.53:53 0.0.0.0:* 102 26150 1127/systemd-resolv
udp 0 0 0.0.0.0:68 0.0.0.0:* 0 30546 1813/dhclient
udp 0 0 0.0.0.0:68 0.0.0.0:* 0 23351 987/dhclient
udp 0 0 0.0.0.0:68 0.0.0.0:* 0 24780 1042/dhclient
udp 0 0 192.168.1.255:137 0.0.0.0:* 0 38859 1361/nmbd
udp 0 0 192.168.1.220:137 0.0.0.0:* 0 38858 1361/nmbd
udp 0 0 192.168.1.255:137 0.0.0.0:* 0 29769 1361/nmbd
udp 0 0 192.168.1.219:137 0.0.0.0:* 0 29768 1361/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:* 0 29758 1361/nmbd
udp 0 0 192.168.1.255:138 0.0.0.0:* 0 38861 1361/nmbd
udp 0 0 192.168.1.220:138 0.0.0.0:* 0 38860 1361/nmbd
udp 0 0 192.168.1.255:138 0.0.0.0:* 0 29771 1361/nmbd
udp 0 0 192.168.1.219:138 0.0.0.0:* 0 29770 1361/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:* 0 29759 1361/nmbd
udp 0 0 0.0.0.0:631 0.0.0.0:* 0 24155 890/cups-browsed
udp6 0 0 :::5353 :::* 111 21465 832/avahi-daemon: r
udp6 0 0 :::5355 :::* 102 25159 1127/systemd-resolv
udp6 0 0 :::45514 :::* 111 21467 832/avahi-daemon: r
root@mail:/home/dan#Hors ligne
#6 Le 11/10/2017, à 20:06
- daniel1952
Re : [résolu] ubuntu 17.10 postfix opendkim milter connection refused
Le problème est résolu.
Rappel du problème : Postfix n'arrive pas à se connecter à Opendkim part le port inet:8891.
Résolution : Merci à koshieIsYourDaddy qui m'a mis sur la voie.
En fait l'écoute sur le port 8891 n'était pas activé par Opendkim.
Pour cela il faut ajouter une information au niveau du fichier : /lib/systemd/system/opendkim.service
Il faut modifier la ligne : ExecStart=/usr/sbin/opendkim -P /var/run/opendkim/opendkim.pid -p local:/var/run/opendkim/opendkim.sock
en :
ExecStart=/usr/sbin/opendkim -P /var/run/opendkim/opendkim.pid -p local:/var/run/opendkim/opendkim.sock -p inet:8891@localhost
Ainsi l'écoute sur le port sera activé par Opendkim
Puis il faut relancer les services :
systemctl daemon-reload
systemctl opendkim restart
systemctl postfix restart
Hors ligne