On 05/11/2024 17:31, Damian wrote:
I don't see any SPF or DMARC checking in the headers on inbound email and I am currently researching it.

Amavis does not check SPF or DMARC itself, but SpamAssassin will do it, if configured.
Odd one this. It may be doing the checks as I see the X-Virus-Scanned header "Debian amavis at mail-www.howitts.co.uk".

Previously in ClearOS (based on CentOS 7), I would see in the mail log something like:

   Nov  4 08:42:04 server amavis[1874]: (01874-15) size: 105876, TIMING
   [total 2285 ms] - SMTP greeting: 1.4 (0%)0, SMTP EHLO: 0.7 (0%)0,
   SMTP pre-MAIL: 0.6 (0%)0, SMTP MAIL: 0.8 (0%)0, SMTP pre-DATA-flush:
   1.0 (0%)0, SMTP DATA: 40 (2%)2, check_init: 0.3 (0%)2, digest_hdr:
   1.4 (0%)2, digest_body_dkim: 7 (0%)2, collect_info: 4.1 (0%)3,
   mime_decode: 10 (0%)3, get-file-type1: 10 (0%)3, parts_decode: 0.1
   (0%)3, check_header: 0.2 (0%)3, AV-scan-1: 162 (7%)10, spam-wb-list:
   0.2 (0%)10, SA msg read: 0.3 (0%)11, SA parse: 3.0 (0%)11, SA check:
   1945 (85%)96, decide_mail_destiny: 4.5 (0%)96, notif-quar: 0.2
   (0%)96, fwd-connect: 38 (2%)98, fwd-mail-pip: 4.3 (0%)98,
   fwd-rcpt-pip: 0.2 (0%)98, fwd-data-chkpnt: 0.0 (0%)98, write-header:
   0.5 (0%)98, fwd-data-contents: 2.2 (0%)98, fwd-end-chkpnt: 41
   (2%)100, prepare-dsn: 0.7 (0%)100, report: 1.1 (0%)100,
   main_log_entry: 2.9 (0%)100, update_snmp: 0.9 (0%)100, SMTP
   pre-response: 0.2 (0%)100, SMTP response: 0.1 (0%)100,
   unlink-2-files: 0.2 (0%)100, rundown: 0.4 (0%)100
   Nov  4 08:42:04 server amavis[16349]: (16349-18) ESMTP :10024
   /var/lib/amavis/tmp/amavis-20241103T141640-16349-3pL0YovS:
   <[email protected]> -> <[email protected]> SIZE=108333 Received: from
   mailserver.howitts.co.uk ([127.0.0.1]) by localhost
   (server.howitts.co.uk [127.0.0.1]) (amavisd-new, port 10024) with
   ESMTP for <[email protected]>; Mon,  4 Nov 2024 08:42:04 +0000 (GMT)
   Nov  4 08:42:04 server mailfilter: starting up
   ([email protected], [email protected],
   client_address=127.0.0.1)
   Nov  4 08:42:04 server amavis[27659]: (27659-12) spam-tag,
   <[email protected]> -> <[email protected]>, No, score=-7.488
   tagged_above=-99 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
   DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.1,
   SPF_HELO_NONE=0.001, T_REMOTE_IMAGE=0.01, USER_IN_DEF_DKIM_WL=-7.5]
   autolearn=ham autolearn_force=no

So SpamAssassin must be communicating with amavis somehow. I'll keep digging.



2024-11-05T16:50:43.961525+00:00 mail-www amavis[3676918]: (3676918-01) Passed CLEAN {RelayedOpenRelay}, [34.209.113.130]:51018 [34.209.113.130] <[email protected]> -> <[email protected]>, ...
You need to declare howitts.co.uk as one of yours (on Debian see conf.d/05-domain_id) to get rid of OpenRelay.
Fixed by setting /etc/mailname correctly, thanks.
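
Added example, not part of the original thread: a small Python check that reads amavis spam-tag log entries like the one quoted above and lists which SpamAssassin SPF, DKIM and DMARC rules fired per message, so you can tell from the log whether those checks ran. The sample lines are constructed (one entry per line, placeholder addresses), and grouping rules by name prefix is an assumption of this sketch.

```python
import re

# Constructed sample lines in the shape of the spam-tag entry quoted above;
# addresses are placeholders and the 2nd and 3rd entries are made up.
SAMPLE_LOG = """\
Nov  4 08:42:04 server amavis[27659]: (27659-12) spam-tag, <sender@example.org> -> <user@example.com>, No, score=-7.488 tagged_above=-99 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.1, SPF_HELO_NONE=0.001, T_REMOTE_IMAGE=0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Nov  4 08:43:10 server amavis[27659]: (27659-13) spam-tag, <news@example.net> -> <user@example.com>, No, score=0.102 tagged_above=-99 required=5 tests=[HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.1, T_REMOTE_IMAGE=0.001] autolearn=no autolearn_force=no
Nov  4 08:44:00 server amavis[1874]: (01874-16) Passed CLEAN, <a@example.org> -> <user@example.com>
"""

# Message id, score and the tests=[...] list of one spam-tag entry.
SPAM_TAG = re.compile(
    r"\((?P<id>[\w-]+)\) spam-tag, .*? score=(?P<score>-?[\d.]+) "
    r".*?tests=\[(?P<tests>[^\]]*)\]"
)
# Assumption: rule names are grouped by prefix, with an optional T_ prefix.
AUTH_RULE = re.compile(r"^(?:T_)?(SPF|DKIM|DMARC)_")

def auth_rules(line):
    """Return (msg_id, score, rules-by-family) or None if not a spam-tag line."""
    m = SPAM_TAG.search(line)
    if not m:
        return None
    found = {"SPF": [], "DKIM": [], "DMARC": []}
    for item in m.group("tests").split(","):
        name = item.strip().split("=", 1)[0]
        hit = AUTH_RULE.match(name)
        if hit:
            found[hit.group(1)].append(name)
    return m.group("id"), float(m.group("score")), found

def report(log_text):
    """One row per spam-tag entry, with the families that produced no rule."""
    rows = []
    for line in log_text.splitlines():
        parsed = auth_rules(line)
        if parsed:
            msg_id, score, found = parsed
            missing = [fam for fam, rules in found.items() if not rules]
            rows.append((msg_id, score, found, missing))
    return rows

if __name__ == "__main__":
    for msg_id, score, found, missing in report(SAMPLE_LOG):
        print(msg_id, score, found, "no rules from:", ", ".join(missing) or "-")
```

A message with no SPF_, DKIM_ or DMARC_ rule in its tests list only shows that no such rule scored; an unsigned message, for example, produces no DKIM_ rule even when the DKIM check is enabled.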
