opendkim 加载密钥时出错

opendkim 加载密钥时出错

我在调试这个错误时遇到了困难:

系统日志:

Apr 24 06:18:08 abcex opendkim[24223]: abcex: key data is not secure: /etc/opendkim/keys/abcex.private
Apr 24 06:18:08 abcex opendkim[24223]: 28E1C29C5FB: error loading key 'abcex'
pr 24 06:18:08 abcex postfix/cleanup[24394]: A21DE29C5FB: milter-reject: END-OF-MESSAGE from localhost[127.0.0.1]: 4.7.1 Service unavailable - try again later; from=<[email protected]> to=<[email protected]>

以下是 namei -l /etc/opendkim/keys/abcex.private 的输出

drwxr-xr-x root     root     /
drwxr-xr-x root     root     etc
drwxr-xr-x opendkim opendkim opendkim
drwxr-xr-- opendkim opendkim keys
-rwxr-xr-- opendkim opendkim abcex.private

但测试工作正常:

opendkim-testkey -d abcex.com -s 201804 -vvv

opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: /etc/opendkim/keys/abcex.private: WARNING: unsafe permissions
opendkim-testkey: key loaded from /etc/opendkim/keys/abcex.private
opendkim-testkey: checking key '201804._domainkey.abcex.com'
opendkim-testkey: key not secure
opendkim-testkey: key OK

dig 的输出也很好

挖掘 201804._domainkey.abcex.com txt +short

"v=DKIM1; h=sha256; k=rsa; s=email; p=...."

我查看过类似的问题,但没有找到解决方案。我已根据以下更改权限:OpenDKIM 错误

还看了 https://sourceforge.net/p/opendkim/support-requests/19/https://sourceforge.net/p/opendkim/support-requests/13/ 但没有找到任何解决方案。

请帮忙。

答案1

错误信息很清楚“关键数据不安全:”这表明密钥文件的权限不正确,命令的输出可以证实这一点ls

-rwxr-xr-- opendkim opendkim abcex.private
       ^
       |__ world readable 

例如将权限更改为:

chmod 0600 /etc/opendkim/keys/abcex.private

答案2

就我而言仅此权限组合有帮助

chown -R opendkim:opendkim /etc/opendkim
chmod 0750 /etc/opendkim/keys
chmod 0600 /etc/opendkim/keys/abcex.private

相关内容