Contenu | Rechercher | Menus

Annonce

Si vous avez des soucis pour rester connecté, déconnectez-vous puis reconnectez-vous depuis ce lien en cochant la case
Me connecter automatiquement lors de mes prochaines visites.

À propos de l'équipe du forum.

#1 Le 07/10/2017, à 10:35

daniel1952

[résolu] ubuntu 17.10 postfix opendkim milter connection refused

Installation et fonctionnement postfix OK
Installation opendkim OK
Lors de l'envoie d'un message depuis thunderbird (avec utilisateur profil administrateur) sur le serveur j'ai le message dans syslog :

- > mail postfix/cleanup[10579]: warning: connect to Milter service inet:localhost:8891: Connection refused

Je n'arrive pas, malgré les articles parus sur ne net, à trouver.

Voici les fichiers de configuration :

[b]/etc/opendkim.conf -------------------------------------------------------------------------[/b]

[color=#121210]
Syslog			yes
UMask			0002
OversignHeaders		From
TrustAnchorFile       /usr/share/dns/root.key
Domain    mail.info-suivi.top
KeyFile    /etc/postfix/dkim.key
Selector    dkim
SOCKET    inet:8891@localhost
/etc/postfix/main.cf
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no
compatibility_level = 2[/color]

[color=#121210]# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail.info-suivi.top
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, mail.info-suivi.top, localhost.info-suivi.top, , localhost
relayhost = 
mynetworks = 127.0.0.0/8 192.168.1.0/24 
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
home_mailbox = Maildir/
mailbox_command =[/color]

[color=#121210]bounce_template_file = /etc/postfix/bounce.cf[/color]

[color=#121210]# DKIM
# --------------------------------------
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891[/color]

[b]/etc/postfix/master.cf ------------------------------------------------------------------[/b]

[color=#121210]#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: [url]http://www.postfix.org/master.5.html)[/url].
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (no)    (never) (100)
# ==========================================================================
smtp      inet  n       -       y       -       -       smtpd
#smtp      inet  n       -       y       -       1       postscreen
#smtpd     pass  -       -       y       -       -       smtpd
#dnsblog   unix  -       -       y       -       0       dnsblog
#tlsproxy  unix  -       -       y       -       0       tlsproxy
#submission inet n       -       y       -       -       smtpd
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_tls_auth_only=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       y       -       -       smtpd
#  -o syslog_name=postfix/smtps
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters[/color]


[color=#121210]#628       inet  n       -       y       -       -       qmqpd
pickup    unix  n       -       y       60      1       pickup
cleanup   unix  n       -       y       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       y       1000?   1       tlsmgr
rewrite   unix  -       -       y       -       -       trivial-rewrite
bounce    unix  -       -       y       -       0       bounce
defer     unix  -       -       y       -       0       bounce
trace     unix  -       -       y       -       0       bounce
verify    unix  -       -       y       -       1       verify
flush     unix  n       -       y       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       y       -       -       smtp
relay     unix  -       -       y       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       y       -       -       showq
error     unix  -       -       y       -       -       error
retry     unix  -       -       y       -       -       error
discard   unix  -       -       y       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       y       -       -       lmtp
anvil     unix  -       -       y       -       1       anvil
scache    unix  -       -       y       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix	-	n	n	-	2	pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}[/color]

[b]/etc/dkim.key----------------------------------------------------------------------------- [/b]
[color=#121210]-rw------- 1 opendkim opendkim  1679 oct.   7 08:24 dkim.key[/color]

[b]service postfix status --------------------------------------------------------------------[/b]
[color=#121212]● postfix.service - Postfix Mail Transport Agent
   Loaded: loaded (/lib/systemd/system/postfix.service; enabled; vendor preset: enabled)
   Active: active (exited) since Sat 2017-10-07 10:06:35 CEST; 1min 47s ago
  Process: 2526 ExecReload=/bin/true (code=exited, status=0/SUCCESS)
  Process: 10233 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
 Main PID: 10233 (code=exited, status=0/SUCCESS)[/color]

[color=#121212]oct. 07 10:06:35 mail.info-suivi.top systemd[1]: Starting Postfix Mail Transport Agent...
oct. 07 10:06:35 mail.info-suivi.top systemd[1]: Started Postfix Mail Transport Agent.
[/color]

[b]service opendkim status -------------------------------------------------------------[/b]

[color=#080808]● opendkim.service - OpenDKIM DomainKeys Identified Mail (DKIM) Milter
   Loaded: loaded (/lib/systemd/system/opendkim.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2017-10-07 09:34:23 CEST; 35min ago
     Docs: man:opendkim(8)
           man:opendkim.conf(5)
           man:opendkim-genkey(8)
           man:opendkim-genzone(8)
           man:opendkim-testadsp(8)
           man:opendkim-testkey
           [url]http://www.opendkim.org/docs.html[/url]
  Process: 9127 ExecStart=/usr/sbin/opendkim -P /var/run/opendkim/opendkim.pid -p local:/var/run/opendkim/opendkim.sock (code=exited, status=0/SUCCESS)
 Main PID: 9128 (opendkim)
    Tasks: 6 (limit: 4915)
   CGroup: /system.slice/opendkim.service
           └─9128 /usr/sbin/opendkim -P /var/run/opendkim/opendkim.pid -p local:/var/run/opendkim/opendkim.sock[/color]

[color=#080808]oct. 07 09:34:23 mail.info-suivi.top systemd[1]: Starting OpenDKIM DomainKeys Identified Mail (DKIM) Milter...
oct. 07 09:34:23 mail.info-suivi.top systemd[1]: Started OpenDKIM DomainKeys Identified Mail (DKIM) Milter.
oct. 07 09:34:23 mail.info-suivi.top opendkim[9128]: OpenDKIM Filter v2.11.0 starting (args: -P /var/run/opendkim/opendkim.pid -p local:/var/run/opendkim/opendk
lines 1-19/19 (END)
[/color]

[b]SYSLOG ------------------------------------------------------------------------------------[/b]
Oct  7 10:13:17 mail systemd[1]: Starting Postfix Mail Transport Agent (instance -)...
Oct  7 10:13:17 mail postfix/postfix-script[10488]: warning: not owned by root: /etc/postfix/./dkim.key
Oct  7 10:13:17 mail postfix/postfix-script[10490]: warning: group or other writable: /etc/postfix/./dkim.key
Oct  7 10:13:17 mail postfix/postfix-script[10543]: starting the Postfix mail system
Oct  7 10:13:17 mail postfix/master[10545]: daemon started -- version 3.2.2, configuration /etc/postfix
Oct  7 10:13:17 mail systemd[1]: Started Postfix Mail Transport Agent (instance -).
Oct  7 10:13:17 mail systemd[1]: Starting Postfix Mail Transport Agent...
Oct  7 10:13:17 mail systemd[1]: Started Postfix Mail Transport Agent.

[b]After sending mail ------------------------------------------------------------------[/b]
Oct  7 10:17:33 mail postfix/pickup[10546]: 97639580053: uid=33 from=<webmestre@mail.info-suivi.top>
Oct  7 10:17:33 mail postfix/cleanup[10579]: warning: connect to Milter service inet:localhost:8891: Connection refused
Oct  7 10:17:33 mail postfix/cleanup[10579]: 97639580053: message-id=<MTc0MTI5NgWY0SI87JAMTUwNzM2NDI1Mzc3NjQ2@dga.info-suivi.top>
Oct  7 10:17:33 mail postfix/qmgr[10547]: 97639580053: from=<webmestre@mail.info-suivi.top>, size=18106, nrcpt=1 (queue active)
Oct  7 10:17:33 mail postfix/smtp[10581]: 97639580053: to=<web-pzdfe@mail-tester.com>, relay=mail-tester.com[94.23.206.89]:25, delay=0.29, delays=0.02/0/0.15/0.12, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as CC4369F7EB)
Oct  7 10:17:33 mail postfix/qmgr[10547]: 97639580053: removed

Modération : merci à l'avenir d'utiliser les balises code (explications ici).

Dernière modification par daniel1952 (Le 11/10/2017, à 22:36)

Hors ligne

#2 Le 09/10/2017, à 09:53

koshieIsYourDaddy

Re : [résolu] ubuntu 17.10 postfix opendkim milter connection refused

Salut,

Quelques ressources supplémentaire sur OpenDKIM:

- https://wiki.debian.org/opendkim
- https://wiki.debian-fr.xyz/Opendkim

Quel est le programme qui écoute sur le port 8891 ?

netstat -taupen | grep 8891

Que disent les fichiers /var/log/mail.* ?

koshicalement

Hors ligne

#3 Le 09/10/2017, à 11:04

daniel1952

Re : [résolu] ubuntu 17.10 postfix opendkim milter connection refused

Bonjour, merci pour les infos.
La commande netstat ne donne rien !

Voici la maillog rien sur mail.err

Oct  9 11:28:02 mail authdaemond: modules="authpam", daemons=5
Oct  9 11:28:02 mail authdaemond: Installing libauthpam
Oct  9 11:28:02 mail authdaemond: Installation complete: authpam
Oct  9 11:28:15 mail dovecot: master: Dovecot v2.2.27 (c0f36b0) starting up with                                                                                out any protocols (core dumps disabled)
Oct  9 11:28:15 mail opendkim[1240]: OpenDKIM Filter v2.11.0 starting (args: -P                                                                                 /var/run/opendkim/opendkim.pid -p local:/var/run/opendkim/opendkim.sock)
Oct  9 11:28:15 mail postfix/postfix-script[1522]: starting the Postfix mail sys                                                                                tem
Oct  9 11:28:15 mail postfix/master[1524]: daemon started -- version 3.2.2, conf                                                                                iguration /etc/postfix
Oct  9 11:28:25 mail postfix/postfix-script[2482]: refreshing the Postfix mail s                                                                                ystem
Oct  9 11:28:25 mail postfix/master[1524]: reload -- version 3.2.2, configuratio                                                                                n /etc/postfix
Oct  9 11:32:07 mail postfix/pickup[2487]: 42164580351: uid=33 from=<webmestre@mail.info-suivi.top>
Oct  9 11:32:07 mail postfix/cleanup[2841]: warning: connect to Milter service inet:127.0.0.1:8891: Connection refused
Oct  9 11:32:07 mail postfix/cleanup[2841]: 42164580351: message-id=<Mzg0OTE3NQWY0SI92JAMTUwNzU0MTUyNzIxMTk4@dga.info-suivi.top>
Oct  9 11:32:07 mail postfix/qmgr[2488]: 42164580351: from=<webmestre@mail.info-suivi.top>, size=24842, nrcpt=1 (queue active)
Oct  9 11:32:07 mail postfix/smtp[2843]: 42164580351: to=<web-8pf5s@mail-tester.com>, relay=mail-tester.com[94.23.206.89]:25, delay=0.62, delays=0.01/0/0.16/0.44, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as C76909FB5C)
Oct  9 11:32:07 mail postfix/qmgr[2488]: 42164580351: removed

J'ai relu les deux liens et je pense être conforme.

D'avance merci pour ton aide.
Daniel

Hors ligne

#4 Le 09/10/2017, à 11:13

koshieIsYourDaddy

Re : [résolu] ubuntu 17.10 postfix opendkim milter connection refused

Tape juste netstat -taupen dans ce cas et met ici le résultat.

Hors ligne

#5 Le 09/10/2017, à 11:51

daniel1952

Re : [résolu] ubuntu 17.10 postfix opendkim milter connection refused

Voici le résultat de "netstat -taupen"
A+

root@mail:/home/dan# netstat -taupen
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      128        26309      1135/mysqld
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      0          26359      1430/smbd
tcp        0      0 0.0.0.0:5355            0.0.0.0:*               LISTEN      102        25157      1127/systemd-resolv
tcp        0      0 0.0.0.0:5938            0.0.0.0:*               LISTEN      0          27815      1297/teamviewerd
tcp        0      0 127.0.0.1:5939          0.0.0.0:*               LISTEN      0          27816      1297/teamviewerd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      0          36765      1138/sshd
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      0          22458      831/cupsd
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      0          30003      1524/master
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN      0          26358      1430/smbd
tcp        0      0 127.0.0.1:5939          127.0.0.1:38187         ESTABLISHED 0          37995      1297/teamviewerd
tcp        0      0 127.0.0.1:44322         127.0.0.1:5939          ESTABLISHED 1000       67870      3042/TeamViewer_Des
tcp        0     64 192.168.1.219:22        192.168.1.240:56270     ESTABLISHED 0          43840      2749/sshd: dan [pri
tcp       36      0 192.168.1.219:50650     192.168.1.5:139         ESTABLISHED 1000       66560      3115/gvfsd-smb-brow
tcp        0      0 127.0.0.1:5939          127.0.0.1:44322         ESTABLISHED 0          69050      1297/teamviewerd
tcp        0      0 127.0.0.1:38187         127.0.0.1:5939          ESTABLISHED 1000       36158      1566/c:\TeamViewer\
tcp        0      0 192.168.1.219:59458     89.202.200.132:5938     ESTABLISHED 0          29512      1297/teamviewerd
tcp        0      0 192.168.1.219:49123     104.197.3.80:80         TIME_WAIT   0          0          -
tcp        0      0 192.168.1.219:52960     178.255.154.14:5938     ESTABLISHED 0          67191      1297/teamviewerd
tcp6       0      0 :::5355                 :::*                    LISTEN      102        25160      1127/systemd-resolv
tcp6       0      0 :::139                  :::*                    LISTEN      0          26357      1430/smbd
tcp6       0      0 :::143                  :::*                    LISTEN      0          24071      911/couriertcpd
tcp6       0      0 :::80                   :::*                    LISTEN      0          27770      1358/apache2
tcp6       0      0 :::5938                 :::*                    LISTEN      0          27814      1297/teamviewerd
tcp6       0      0 :::21                   :::*                    LISTEN      122        30201      1528/proftpd: (acce
tcp6       0      0 :::22                   :::*                    LISTEN      0          36767      1138/sshd
tcp6       0      0 ::1:3350                :::*                    LISTEN      0          24536      1136/xrdp-sesman
tcp6       0      0 ::1:631                 :::*                    LISTEN      0          22457      831/cupsd
tcp6       0      0 :::25                   :::*                    LISTEN      0          30004      1524/master
tcp6       0      0 :::443                  :::*                    LISTEN      0          27774      1358/apache2
tcp6       0      0 :::3389                 :::*                    LISTEN      127        30495      1151/xrdp
tcp6       0      0 :::445                  :::*                    LISTEN      0          26356      1430/smbd
tcp6       0      0 192.168.1.219:143       192.168.0.254:56564     ESTABLISHED 0          46700      2869/couriertls
tcp6       0      0 192.168.1.219:143       192.168.0.254:60958     ESTABLISHED 0          101850     3463/couriertls
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           111        21464      832/avahi-daemon: r
udp        0      0 0.0.0.0:5355            0.0.0.0:*                           102        25156      1127/systemd-resolv
udp        0      0 0.0.0.0:60732           0.0.0.0:*                           111        21466      832/avahi-daemon: r
udp        0      0 127.0.0.53:53           0.0.0.0:*                           102        26150      1127/systemd-resolv
udp        0      0 0.0.0.0:68              0.0.0.0:*                           0          30546      1813/dhclient
udp        0      0 0.0.0.0:68              0.0.0.0:*                           0          23351      987/dhclient
udp        0      0 0.0.0.0:68              0.0.0.0:*                           0          24780      1042/dhclient
udp        0      0 192.168.1.255:137       0.0.0.0:*                           0          38859      1361/nmbd
udp        0      0 192.168.1.220:137       0.0.0.0:*                           0          38858      1361/nmbd
udp        0      0 192.168.1.255:137       0.0.0.0:*                           0          29769      1361/nmbd
udp        0      0 192.168.1.219:137       0.0.0.0:*                           0          29768      1361/nmbd
udp        0      0 0.0.0.0:137             0.0.0.0:*                           0          29758      1361/nmbd
udp        0      0 192.168.1.255:138       0.0.0.0:*                           0          38861      1361/nmbd
udp        0      0 192.168.1.220:138       0.0.0.0:*                           0          38860      1361/nmbd
udp        0      0 192.168.1.255:138       0.0.0.0:*                           0          29771      1361/nmbd
udp        0      0 192.168.1.219:138       0.0.0.0:*                           0          29770      1361/nmbd
udp        0      0 0.0.0.0:138             0.0.0.0:*                           0          29759      1361/nmbd
udp        0      0 0.0.0.0:631             0.0.0.0:*                           0          24155      890/cups-browsed
udp6       0      0 :::5353                 :::*                                111        21465      832/avahi-daemon: r
udp6       0      0 :::5355                 :::*                                102        25159      1127/systemd-resolv
udp6       0      0 :::45514                :::*                                111        21467      832/avahi-daemon: r
root@mail:/home/dan#

Hors ligne

#6 Le 11/10/2017, à 20:06

daniel1952

Re : [résolu] ubuntu 17.10 postfix opendkim milter connection refused

Le problème est résolu.

Rappel du problème : Postfix n'arrive pas à se connecter à Opendkim part le port inet:8891.

Résolution : Merci à koshieIsYourDaddy qui m'a mis sur la voie.

En fait l'écoute sur le port 8891 n'était pas activé par Opendkim.

Pour cela il faut ajouter une information au niveau du fichier : /lib/systemd/system/opendkim.service

Il faut modifier la ligne : ExecStart=/usr/sbin/opendkim -P /var/run/opendkim/opendkim.pid -p local:/var/run/opendkim/opendkim.sock
en :
ExecStart=/usr/sbin/opendkim -P /var/run/opendkim/opendkim.pid -p local:/var/run/opendkim/opendkim.sock -p inet:8891@localhost

Ainsi l'écoute sur le port sera activé par Opendkim

Puis il faut relancer les services :
systemctl daemon-reload
systemctl opendkim restart
systemctl postfix restart

Hors ligne