Submitted by masterg0g0 on Sat, 01/06/2018 - 10:56 Pro Licensee
hello there-
so trying to activate the DKIM settings .. on the server.. makes the emails to get stuck.. also other mail clients are not able to connect to the server..
I basically just activated the settings under mail options.. and relevant key was generated to all DNS records.. https://www.virtualmin.com/documentation/email/dkim
the moment i disable it, everything seems to work again..
appreciate your guidance here too,
Rohit.
Status:
Active
Comments
Submitted by JamieCameron on Sat, 01/06/2018 - 15:24 Comment #1
What do you mean by stuck exactly? Are emails not going out, or not coming in?
Submitted by masterg0g0 on Sat, 01/06/2018 - 15:59 Pro Licensee Comment #2
emails dont go out.. they get stuck in the queue in postfix.. i think incoming emails does come in..
Submitted by JamieCameron on Sat, 01/06/2018 - 20:30 Comment #3
What gets logged to the Postfix mail log? (usually /var/log/mail.log)
Submitted by masterg0g0 on Tue, 01/09/2018 - 07:08 Pro Licensee Comment #4
Jan 9 14:00:49 server2 dovecot: imap-login: Login: user=info@inconsulting.tech, method=PLAIN, rip=134.3.101.130, lip=144.76.8.249, mpid=22644, TLS, session=<iQ/5gFdiJdiGA2WC> Jan 9 14:00:49 server2 dovecot: imap(info@inconsulting.tech): Connection closed in=223 out=1849 Jan 9 14:00:49 server2 dovecot: imap-login: Login: user=info@inconsulting.tech, method=PLAIN, rip=134.3.101.130, lip=144.76.8.249, mpid=22696, TLS, session= Jan 9 14:01:02 server2 postfix/smtps/smtpd[22832]: 6E0132AC98: client=HSI-KBW-134-3-101-130.hsi14.kabel-badenwuerttemberg.de[134.3.101.130], sasl_method=PLAIN, sasl_username=info@inconsulting.tech Jan 9 14:01:02 server2 postfix/cleanup[22837]: 6E0132AC98: milter-reject: END-OF-MESSAGE from HSI-KBW-134-3-101-130.hsi14.kabel-badenwuerttemberg.de[134.3.101.130]: 4.7.1 Service unavailable - try again later; from=info@inconsulting.tech to=interstellar.consulting@gmail.com proto=ESMTP helo=<[IPv6:::ffff:192.168.0.21]> Jan 9 14:01:06 server2 postfix/smtps/smtpd[22832]: 22C772AC98: client=HSI-KBW-134-3-101-130.hsi14.kabel-badenwuerttemberg.de[134.3.101.130], sasl_method=PLAIN, sasl_username=info@inconsulting.tech Jan 9 14:01:06 server2 postfix/cleanup[22837]: 22C772AC98: milter-reject: END-OF-MESSAGE from HSI-KBW-134-3-101-130.hsi14.kabel-badenwuerttemberg.de[134.3.101.130]: 4.7.1 Service unavailable - try again later; from=info@inconsulting.tech to=interstellar.consulting@gmail.com proto=ESMTP helo=<[IPv6:::ffff:192.168.0.21]> Jan 9 14:02:00 server2 postfix/smtps/smtpd[22832]: 498CC2AC98: client=HSI-KBW-134-3-101-130.hsi14.kabel-badenwuerttemberg.de[134.3.101.130], sasl_method=PLAIN, sasl_username=info@inconsulting.tech Jan 9 14:02:00 server2 postfix/cleanup[22837]: 498CC2AC98: milter-reject: END-OF-MESSAGE from HSI-KBW-134-3-101-130.hsi14.kabel-badenwuerttemberg.de[134.3.101.130]: 4.7.1 Service unavailable - try again later; from=info@inconsulting.tech to=interstellar.consulting@gmail.com proto=ESMTP helo=<[IPv6:::ffff:192.168.0.21]>
this is the error.. email greylisting is active.. along with port 10023 open in the firewall.
this is the DKIM setting.https://d.pr/i/tWxg8t
Submitted by andreychek on Tue, 01/09/2018 - 10:36 Comment #5
Does it help to restart the DKIM service? You can do that with the command "service opendkim restart".
If DKIM weren't started or weren't listening, that could cause the issue you're seeing.
Submitted by masterg0g0 on Tue, 01/09/2018 - 12:37 Pro Licensee Comment #6
i have tried that.. but the emails are still bouncing.....
Jan 9 19:37:00 server2 postfix/cleanup[19349]: 101432AC9F: milter-reject: END-OF-MESSAGE from HSI-KBW-134-3-101-130.hsi14.kabel-badenwuerttemberg.de[134.3.101.130]: 4.7.1 Service unavailable - try again later; from=info@inconsulting.tech to=rohit.sharma.g@gmail.com proto=ESMTP helo=<[IPv6:::ffff:192.168.0.21]>
my server is not configured for ipv6.. but the message shows this.. is this the cause may be ?
Submitted by andreychek on Tue, 01/09/2018 - 12:49 Comment #7
Hmm, just to verify, is your server the one with the IP "134.3.101.130" mentioned in the logs there?
Also, what is the output of the command "postconf -n"?
Submitted by masterg0g0 on Tue, 01/09/2018 - 13:09 Pro Licensee Comment #8
no that is the ip adresss of my pc, from where i tried to logon onto the mail server to send the email ..
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
home_mailbox = Maildir/
inet_protocols = all
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
milter_default_action = accept
milter_protocol = 2
non_smtpd_milters = inet:localhost:8891
readme_directory = no
recipient_delimiter = +
sender_bcc_maps = hash:/etc/postfix/bcc
smtp_tls_security_level = dane
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_helo_required = yes
smtpd_milters = inet:localhost:8891
smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10023
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_mandatory_ciphers = high
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/virtual
Submitted by andreychek on Tue, 01/09/2018 - 20:46 Comment #9
The Postfix config looks okay.
That's a pretty unusual error you're seeing, but we should verify that DKIM is actually listening on the proper port... what is the output of this command:
netstat -anlp | grep :8891
Submitted by masterg0g0 on Wed, 01/10/2018 - 03:07 Pro Licensee Comment #10
yup,, its definitely weird..
tcp 0 0 127.0.0.1:8891 127.0.0.1:34188 TIME_WAIT -
tcp 0 0 127.0.0.1:34152 127.0.0.1:8891 TIME_WAIT -
tcp 0 0 127.0.0.1:34132 127.0.0.1:8891 TIME_WAIT -
tcp 0 0 127.0.0.1:34234 127.0.0.1:8891 TIME_WAIT -
tcp 0 0 127.0.0.1:34182 127.0.0.1:8891 TIME_WAIT -
tcp 0 0 127.0.0.1:34242 127.0.0.1:8891 TIME_WAIT -
tcp 0 0 127.0.0.1:34190 127.0.0.1:8891 TIME_WAIT -
tcp 0 0 127.0.0.1:34204 127.0.0.1:8891 TIME_WAIT -
tcp 0 0 127.0.0.1:34122 127.0.0.1:8891 TIME_WAIT -
tcp 0 0 127.0.0.1:8891 127.0.0.1:34248 ESTABLISHED 19542/opendkim
tcp 0 0 127.0.0.1:34240 127.0.0.1:8891 TIME_WAIT -
tcp 0 0 127.0.0.1:34140 127.0.0.1:8891 TIME_WAIT -
tcp 0 0 127.0.0.1:34134 127.0.0.1:8891 TIME_WAIT -
tcp 0 0 127.0.0.1:34164 127.0.0.1:8891 TIME_WAIT -
tcp 0 0 127.0.0.1:34154 127.0.0.1:8891 TIME_WAIT -
tcp 0 0 127.0.0.1:34248 127.0.0.1:8891 ESTABLISHED 21454/smtpd
Submitted by masterg0g0 on Wed, 01/10/2018 - 04:14 Pro Licensee Comment #11
sometimes..just removing and reinstalling a package helps.. after reinstalling.. i am not seeing a problem.. but will let it be and incase i see an issue... i will come back to this thread.
Submitted by Jfro on Wed, 01/10/2018 - 04:45 Comment #12
Please post here the commands to reinstall package the virtualmin way so forumreaders have the complete solution if so. ;)
Submitted by masterg0g0 on Wed, 01/10/2018 - 06:23 Pro Licensee Comment #13
apt-get remove opendkim apt-get purge opendkim
commands to remove the remove and then reinstall via the virtualmin option.. for profit :)
Submitted by Jfro on Wed, 01/10/2018 - 07:04 Comment #14
This is exactly why i asked while in the docs it say
apt-get install dkim-filter
while on CentOS, Fedora or Redhat Enterprise you will need to run :
yum install dkim-milter
https://www.virtualmin.com/documentation/email/dkim
So they need to change the docs?