Hi! I´ve just launched my new debian wheezy mailserver with postfix virtual domains (using mariadb) and mailman. It´s config is based on ISPmail tutorial for Debian Wheezy found at workaround.org and howtos found here. Everything is working fine except that some mail sent to mailing lists get to the server but then gets stuck outbound to the mailinglist members. The message seems to be DKIM related but I havn´t done any DKIM or SPF configs whaterver. On the old mail server which also has virtual domains (using plain files) and the same mailinglist this never happends. The only thing that i can think of is the new server har TLS enabled and the old one doesn´t. Here is an example, any one got an idea what is wrong? Nov 23 19:47:52 mailserv1 postfix/smtp[15007]: 7A58A1BD: to=<[email protected]>, relay=mailout.comhem.se[80.76.149.166]:25, delay=4397, delays=4018/0.03/0.08/378, dsn=4.0.0, status=deferred (host mailout.comhem.se[80.76.149.166] said: 451 Cannot verify DKIM signature: pubkey_unavailable (in reply to end of DATA command)) It could be that the problem occur when users with gmail accounts sends to the mailing list but I´m not 100% sure.
I'm about to setup DKIM on my server, so I thought I'ld have a look. From: http://www.postfix.org/postconf.5.html#smtp_tls_security_level always_add_missing_headers (default: no) Always add (Resent-) From:, To:, Date: or Message-ID: headers when not present. Postfix 2.6 and later add these headers only when clients match the local_header_rewrite_clients parameter setting. Earlier Postfix versions always add these headers; this may break DKIM signatures that cover non-existent headers. Not sure if this is relevant. Cheers, Nap
Hi Nap! The always_add_missing_headers (default: no) itself didn´t solve my problem, but it got me looking in a new direction. I found out that the problem was indeed mailman and DKIM signed mail. So a little tweaking of mailman solved the problem. But I hadn´t found it without your suggestion so thank you very much! //Goody