problems with dkim-milter and mailscanner/postfix

Julian Field MailScanner at ecs.soton.ac.uk
Sun Apr 20 22:37:40 IST 2008 

Just be sure that your MailScanner.conf file says:
    Debug = no
    Debug SpamAssassin = no
(the 2nd one is particularly important!)

That's the first thing that comes to mind.

Paul Hutchings wrote:
> I'm trying to get our smtp relay to sign outgoing email with
> dkim-milter.
>
> I've followed
> http://www.howtoforge.net/postfix-dkim-with-dkim-milter-centos5.1 and
> things are loosely working, however:
>
> Incoming messages appear to be getting stuck in the hold queue (nothing
> obvious other than the queueid! when you run mailq).  When this happens
> it also appears that the MailScanner processes go a bit ape and top
> shows them using all CPU.
>
> I'm also seeing some errors on inbound mail from gmail (me testing by
> emailing myself) along the lines of:
>
> Apr 20 20:58:10 relay dkim-filter[1481]: ED0091FDA4 SSL
> error:04067069:rsa routines:RSA_EAY_PUBLIC_DECRYPT:pkcs1 padding too
> short
> Apr 20 20:59:01 relay dkim-filter[1481]: 7AB011FDD2 SSL
> error:04067069:rsa routines:RSA_EAY_PUBLIC_DECRYPT:pkcs1 padding too
> short
> Apr 20 21:08:23 relay dkim-filter[1481]: 545E01FD9F SSL
> error:04067069:rsa routines:RSA_EAY_PUBLIC_DECRYPT:pkcs1 padding too
> short
> Apr 20 21:13:02 relay dkim-filter[1481]: D5A631FD9F SSL
> error:04067069:rsa routines:RSA_EAY_PUBLIC_DECRYPT:pkcs1 padding too
> short; error:04077068:rsa routines:RSA_verify:bad signature
> Apr 20 21:13:02 relay dkim-filter[1481]: D5A631FD9F: bad signature data
>
> Whilst this would appear to be a dkim-filter error I wasn't sure if it
> might be relevant to the other problem?
>
> It seems that if I remove the lines from main.cf that invoke the dkim
> milter everything is perfectly fine as before.
>
> I'm a little lost as to what and where to start and would appreciate any
> pointers.  Suffice to say I have no real preference what I use I'd just
> like our smtp relay to be able to use DKIM signatures on outbound email
> from our primary domain name.
>
> TIA,
> Paul
>
> Paul Hutchings
> Network Administrator, MIRA Ltd.
> Tel: 44 (0)24 7635 5378
> Fax: 44 (0)24 7635 8378
> mailto:paul.hutchings at mira.co.uk
>
>
>
>   

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list