我注意到,如果我输入服务后缀状态:
Jul 01 17:39:01 mail postfix/cleanup[13921]: warning: connect to Milter service inet:127.0.0.1:8891: Connection refused
但这是什么意思,我该如何解决?它与 DKIM 有关吗?因为我尝试设置它,但它仍然不起作用。你需要哪些文件来帮忙?这是我的 opendkim.conf:
## CONFIGURATION OPTIONS
# Specifies the path to the process ID file.
PidFile /var/run/opendkim/opendkim.pid
# Selects operating modes. Valid modes are s (signer) and v (verifier). Default is v.
Mode sv
# Log activity to the system log.
Syslog yes
# Log additional entries indicating successful signing or verification of messages.
SyslogSuccess yes
# If logging is enabled, include detailed logging about why or why not a message was
# signed or verified. This causes a large increase in the amount of log data generated
# for each message, so it should be limited to debugging use only.
#LogWhy yes
# Attempt to become the specified user before starting operations.
UserID opendkim:opendkim
# Create a socket through which your MTA can communicate.
Socket inet:[email protected]
# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
Umask 002
# This specifies a file in which to store DKIM transaction statistics.
#Statistics /var/spool/opendkim/stats.dat
## SIGNING OPTIONS
# Selects the canonicalization method(s) to be used when signing messages.
Canonicalization relaxed/simple
# Domain(s) whose mail should be signed by this filter. Mail from other domains will
# be verified rather than being signed. Uncomment and use your domain name.
# This parameter is not required if a SigningTable is in use.
# Domain DOMAIN.de
# Defines the name of the selector to be used when signing messages.
Selector default
# Gives the location of a private key to be used for signing ALL messages.
#ORIG (AUSGEKLAMMERT): KeyFile /etc/opendkim/keys/default.private
KeyFile /etc/opendkim/keys/default.private
# Gives the location of a file mapping key names to signing keys. In simple terms,
# this tells OpenDKIM where to find your keys. If present, overrides any KeyFile
# setting in the configuration file.
KeyTable refile:/etc/opendkim/KeyTable
# Defines a table used to select one or more signatures to apply to a message based
# on the address found in the From: header field. In simple terms, this tells
# OpenDKIM how to use your keys.
SigningTable refile:/etc/opendkim/SigningTable
# Identifies a set of "external" hosts that may send mail through the server as one
# of the signing domains without credentials as such.
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
# Identifies a set internal hosts whose mail should be signed rather than verified.
InternalHosts refile:/etc/opendkim/TrustedHosts
答案1
正如 Esa 所回答的,它与 OpenDKIM 有关。
然而,通过查看服务文件(Ubuntu 16.04,使用systemctl),我注意到该服务使用位于/etc/default/opendkim
# Command-line options specified here will override the contents of
# /etc/opendkim.conf. See opendkim(8) for a complete list of options.
#DAEMON_OPTS=""
#
# Uncomment to specify an alternate socket
# Note that setting this will override any Socket value in opendkim.conf
# default:
SOCKET="local:/var/run/opendkim/opendkim.sock"
# listen on all interfaces on port 54321:
#SOCKET="inet:54321"
# listen on loopback on port 12345:
#SOCKET="inet:12345@localhost"
# listen on 192.0.2.1 on port 12345:
#SOCKET="inet:[email protected]"
请注意第 6 行,其中指出此处的设置将覆盖 opendkim.conf 中的任何 Socket 值
我尝试简单地注释掉这里的所有行以将其恢复到配置,但它似乎对我不起作用。
要解决此问题,请修改文件以将 SOCKET 环境变量设置为您需要的值。
# Command-line options specified here will override the contents of
# /etc/opendkim.conf. See opendkim(8) for a complete list of options.
#DAEMON_OPTS=""
#
# Uncomment to specify an alternate socket
# Note that setting this will override any Socket value in opendkim.conf
# default:
#SOCKET="local:/var/run/opendkim/opendkim.sock"
# listen on all interfaces on port 54321:
#SOCKET="inet:54321"
# listen on loopback on port 12345:
SOCKET="inet:8891@localhost"
# listen on 192.0.2.1 on port 12345:
#SOCKET="inet:[email protected]"
最后,使用以下命令重启 opendkimsudo service opendkim restart
总结:
sudo nano /etc/default/opendkim,编辑SOCKET设置,然后重新启动 opendkim。
答案2
OpenDKIM 是一项不同的服务。查看它是否正在运行。你可以尝试
sudo service opendkim restart
并查看是否会导致错误。
假设您有并且 Postfix 正在尝试连接到端口,则配置似乎没问题。您可以使用或来检查 OpenDKIM 是否确实在监听端口。Socket inet:[email protected]8891netstat -llsof -i8891
答案3
在我的情况下,对于两个不同的 Ubuntu 和 Debian 服务器,问题在于 opendkim 的 systemd 服务文件损坏。配置文件完全没问题,但服务文件可能是由旧版本生成的。要重新生成服务文件并解决问题,只需运行以下命令:
sudo /lib/opendkim/opendkim.service.generate
然后重新加载
sudo systemctl daemon-reload
sudo service opendkim restart
答案4
对我而言,唯一适用于 Ubuntu 16.04 的解决方案是......
SOCKET在 中设置 corecret值/etc/default/opendkim。- 删除
SOCKET/etc/opendkim.conf
当然,sudo systemctl restart opendkim