From owner-freebsd-questions@FreeBSD.ORG Sat Sep 17 21:40:01 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DC87516A41F for ; Sat, 17 Sep 2005 21:40:01 +0000 (GMT) (envelope-from gerard-seibert@suscom.net) Received: from smtp1.suscom.net (smtp1.suscom.net [64.78.119.248]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5991943D45 for ; Sat, 17 Sep 2005 21:40:01 +0000 (GMT) (envelope-from gerard-seibert@suscom.net) Received: from localhost (smtp1 [127.0.0.1]) by smtp1.suscom.net (Postfix) with ESMTP id 20B8ED8A9A; Sat, 17 Sep 2005 17:39:55 -0400 (EDT) Received: from smtp1.suscom.net ([127.0.0.1]) by localhost (smtp1 [127.0.0.1]) (amavisd-new, port 10024) with SMTP id 13047-05; Sat, 17 Sep 2005 17:39:45 -0400 (EDT) Received: from [192.168.0.2] (ip148.217.susc.suscom.net [216.45.217.148]) by smtp1.suscom.net (Postfix) with SMTP id B8F8DD88CA; Sat, 17 Sep 2005 17:39:44 -0400 (EDT) Date: Sat, 17 Sep 2005 17:39:48 -0400 From: Gerard Seibert To: freebsd-questions@freebsd.org Sender: Gerard@smtp1.suscom.net, Seibert@smtp1.suscom.net In-Reply-To: <20050917191727.C107316A421@hub.freebsd.org> References: <20050917191727.C107316A421@hub.freebsd.org> Message-Id: <20050917173236.8954.GERARD-SEIBERT@suscom.net> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Mailer: Becky! ver. 2.22.01 [en] Content-Transfer-Encoding: quoted-printable X-Virus-Scanned: by amavisd-new .250 at suscom.net Cc: Hanno Krusken Subject: Re: Sendmail + dk-milter + sid-filter setup with DNS+BIND9 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: gerard-seibert@suscom.net List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 Sep 2005 21:40:02 -0000 On Sat, 17 Sep 2005 17:55:33 +0100, Hanno Krusken Subject: Sendmail + dk-milter + sid-filter setup with DNS+BIND9 Wrote these words of wisdom: >=20 > Hi all, > need help to setup DNS for mai domain. > I would like to get dk-milter to sign all my outgoing mail to be DNS co= nfirm with my "domain.net" > That means, my emails get classified as [BULK] or "SPAM" if I send mail= s to strong anti-spam-NX1.mail.domains with out a propper DNS setup. >=20 > by dig in to the /var/log/maillog, sendmail and dk-milter staring ok, w= ith the dk-filter.pid file, but if I send a mail to test my domainkey, or= even just any other mail, sendmail can't connect to get dk-milter involf= ed. > the same error happend to sid-filter as well. >=20 > I'm running: > FreeBSD-5.4-RELENG-p7 with the latest ports-update > Sendmail-8.13.5 > host+BIND9 >=20 >=20 > # > # /etc/namedb/localhost.rev (entry) > # > _domainkey IN TXT "g=3D; k=3Drsa; t=3Dy; p=3DMHwwDQYJK >=20 > # > # /var/log/maillog > # > dk-filter[683]: Sendmail DomainKeys Filter v0.3.0 starting (args: -l -p= local:/var/run/dk-filter -P /var/run/dk-filter.pid -d DOMAIN.net -c nofw= s -H -m MSA -s /var/db/domainkeys/mail.key.pem -S default) = <------------------------------# > milter-greylist: cannot read dumpfile "/var/milter-greylist/greylist.db= " > milter-greylist: cannot read dumpfile "/var/milter-greylist/greylist.db= " > milter-greylist: starting with an empty greylist > milter-greylist: starting with an empty greylist > sid-filter[700]: Sendmail Sender-ID Filter v0.2.9 starting (args: -l -p= local:/var/run/sid-filter -P /var/run/sid-filter.pid -t -r 0) > sm-mta[710]: starting daemon (8.13.5): SMTP+queueing@00:00:01 > sm-msp-queue[713]: starting daemon (8.13.5): queueing@00:00:01 > sendmail[1795]: j8HG0RKw001795: from=3Dhanno, size=3D669, class=3D0, nr= cpts=3D1, msgid=3D, relay=3Dhanno@localhost > sm-mta[1800]: j8HG0SKk001800: Milter (dk-filter): error connecting to f= ilter: Operation timed out with DOMAIN.net <---------------------# > sm-mta[1800]: j8HG0SKk001800: Milter (dk-filter): error connecting to f= ilter: Operation timed out with DOMAIN.net > sm-mta[1800]: j8HG0SKk001800: Milter (dk-filter): to error state > sm-mta[1800]: j8HG0SKk001800: Milter (sid-filter): error connecting to = filter: Connection refused by /var/sid-filter/sid-filter.sock > sm-mta[1800]: j8HG0SKk001800: Milter (sid-filter): error connecting to = filter: Connection refused by /var/sid-filter/sid-filter.sock > sm-mta[1800]: j8HG0SKk001800: Milter (sid-filter): to error state > milter-greylist: j8HG0SKk001800: skipping greylist because address 127.= 0.0.1 is whitelisted, (from=3D, rcpt=3D, addr=3D127.0.0.1) > sm-mta[1800]: j8HG0SKk001800: from=3D, size=3D= 820, class=3D0, nrcpts=3D1, msgid=3D, proto=3DES= MTP, daemon=3DIPv4, relay=3Dix260.net [127.0.0.1] > sm-mta[1800]: j8HG0SKk001800: Milter add: header: X-Virus-Scanned: Clam= AV version 0.86.2, clamav-milter version 0.86 on IX260.ix260.net > sm-mta[1800]: j8HG0SKk001800: Milter add: header: X-Virus-Status: Clean > sm-mta[1800]: j8HG0SKk001800: Milter add: header: X-Greylist: Sender IP= whitelisted, not delayed by milter-greylist-2.0 (DOMAIN.net [127.0.0.1])= ; Sat, 17 Sep 2005 17:01:44 +0100 (BST) > sendmail[1795]: j8HG0RKw001795: to=3Ddk@dk.crynwr.com, ctladdr=3Dhanno = (1001/1001), delay=3D00:01:17, xdelay=3D00:01:17, mailer=3Drelay, pri=3D3= 0669, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSent (j8HG0SKk= 001800 Message accepted for delivery) > sm-mta[2108]: j8HG0SKk001800: to=3D, ctladdr=3D (1001/1001), delay=3D00:00:03, xdelay=3D00:00:02, mai= ler=3Desmtp, pri=3D30820, relay=3Dpdam.crynwr.com. [192.203.178.8], dsn=3D= 2.0.0, stat=3DSent (ok 1126972906 qp 30295) >=20 > # > # /etc/mail/my.domain.mc > # > divert(0) > VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.29 2003/12/24 21:1= 5:09 gshapiro Exp $') > OSTYPE(freebsd5) > DOMAIN(generic) > FEATURE(access_db, `hash -o -T /etc/mail/access') > FEATURE(blacklist_recipients) > FEATURE(local_lmtp) > FEATURE(mailertable, `hash -o /etc/mail/mailertable') > FEATURE(virtusertable, `hash -o /etc/mail/virtusertable') > FEATURE(accept_unqualified_senders) > FEATURE(`nocanonify', `canonify_hosts') > FEATURE(`dnsbl', `dnsbl.sorbs.net',, `t') > FEATURE(`dnsbl', `sbl-xbl.spamhaus.org',, `t') > define(`confDIRECT_SUBMISSION_MODIFIERS', `C') > define(`confDONT_BLAME_SENDMAIL', `GroupReadableSASLDBFile') > define(`confEBINDIR', `/usr/local/libexec')dnl > define(`UUCP_MAILER_PATH', `/usr/local/bin/uux')dnl > define(`confBIND_OPTS', `WorkAroundBrokenAAAA') > define(`confNO_RCPT_ACTION', `add-to-undisclosed') > define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy') > define(`confPRIVACY_FLAGS', `novrfy, noexpn') > MAILER(local) > MAILER(smtp) > dnl Cw localhost > Cw DOMAIN.net > dnl Xdk-filter, S=3Dinet:8891@localhost > INPUT_MAIL_FILTER(`dk-filter', `S=3Dinet:8891@DOMAIN.net') = <-----------------------------------# > INPUT_MAIL_FILTER(`clmilter', `S=3Dlocal:/var/run/clamav/clmilter.sock,= F=3DT, T=3DS:4m;R:4m') > INPUT_MAIL_FILTER(`greylist', `S=3Dlocal:/var/milter-greylist/milter-gr= eylist.sock') > INPUT_MAIL_FILTER(`sid-filter',`S=3Dlocal:/var/sid-filter/sid-filter.so= ck') > define(`confMILTER_MACROS_CONNECT', `j, {if_addr}') > define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}') > define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}') > define(`confINPUT_MAIL_FILTER',`dk-filter,clmilter,greylist,sid-filter'= ) *************** REPLY SEPARATOR *************** On 9/17/2005 5:32:36 PM Gerard Seibert Replied: I am not sure if it means anything or not, but it seems that you are missing several "`" and "'" marks around your statements in the both the "define" and "FEATURE" areas. According to my copy of O'Reilly's "Sendmail", they are required. (\___/) (\___/) (\___/) (\___/) (\___/) (\___/) /0\ /0\ /o\ /o\ /0\ /0\ /O\ /O\ /o\ /o\ /0\ /0\ \__V__/ \__V__/ \__V__/ \__V__/ \__V__/ \__V__/ /|:. .:|\ /|;, ,;|\ /|:. .:|\ /|;, ,;|\ /|;, ,;|\ /|:. .:|\ \\:::::// \\;;;;;// \\:::::// \\;;;;;// \\;;;;;// \\:::::// jgs--`"" ""`---`"" ""`---`"" ""`---`"" ""`---`"" ""`---`"" ""`--- ^~^^~^~^~^~^^~~^^^~^~~^~^~^~^^~~^^^~^~~^~^~^~^^~~^^^~^^~^~^~^^~~^^