OpenDKIM 2.0.0 wrong path in postfix main.cf

  • After udating the OpenDKIM plugin postfix was not able to connect the the OpenDKIM milter.

    Code
    1. Sep 11 17:14:41 hs postfix/cleanup[22803]: warning: connect to Milter service unix:/opendkim/opendkim.sock: No such file or directorySep 11 17:14:41 hs postfix/cleanup[22803]: 901B2140FC2: milter-reject: CONNECT from localhost[127.0.0.1]: 4.7.1 Service unavailable - try again later; from=<opendkim@my-server.tld>Sep 11 17:14:41 hs postfix/pickup[22790]: 9034E140FC2: uid=116 from=<opendkim@my-server.tld>

    I'd checked the path and i did found the socket under

    Code
    1. /var/spool/postfix/var/run/opendkim/opendkim.sock


    The path in the main.cf needs to be corrected

    Code
    1. unix:/var/run/opendkim/opendkim.sock

    After this change and restart the postfix daemon everything works again


    I'm using the plugin on i-MSCP 1.4.7

    Edited once, last by TheCry ().

  • I'm using the plugin on i-MSCP 1.4.7

    @TheCry


    That would be great if you could read the announcement from top to bottom :rolleyes:


    Note to people that use i-MSCP version 1.4.7: Du to a bug in the i-MSCP 1.4.7 version, The old Postfix MILTER parameters won't be removed while plugin update, making postfix unable to connect to OpenDKIM socket. You should really considere to update to latest i-MSCP stable version prior updating to this new version.


    A workaround for i-MSCP 1.4.7 is to do a full reconfiguration just after updating the plugin: perl /var/www/imscp/engine/setup/imscp-reconfigure -danv

    Bascically, the socket path is correct but the old MILTER parameter was not removed from the Postfix main.cf. Thus, Postfix cannot connect simply because it try using the socket path from old MILTER parameter ;) Anyway, you should really considere upgrading to latest i-MSCP version.


    See also: https://github.com/i-MSCP/imscp/blob/1.5.x/CHANGELOG#L173

    I'd found a second problem.
    The public key, which ca be copied to the clipboard, is not the same like the public key in the mail.txt.
    Or should i need to generate new keys for every customer?

    Yes, because the old keys were wrong so you must renew all of them. I've not done that in upgrade path because not everyone is affected by wrong keys. Note also that the plugin will rewind the keys according RFC's. Thus, one key from a mail.txt file can differs from the one shown in plugin interface. For instance:


    "ABCDEF" "GHIJKL" from a mail.txt file could be stored as "ABC" "DEFGHIJKL" by the plugin. The plugin strickly sticks to RFC's while the opendkim-genkey script doesn't. Note that this don't change anything. In both cases, the key would be read as ABCDEFGHIJKL

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • Ups.. Sorry.. I didn't read this

    You're welcome. Note that I've edited my previous answer regarding keys (see at bottom).

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • @TheCry


    Also, if you made any changes in /lib/systemd/system/opendkim.service file, due to the bug about which we have talked in past, you must revert them.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206