Chris Babcock wrote:
Just before the fourth of July weekend, Yahoo made some changes with
their mail configuration. At which point my postscript install started
rejecting Yahoo and BTI mail as follows:
# grep B74659480C9: /var/log/maillog
Jul 12 15:09:23 cl-t090-563cl postfix-ak/smtpd[14148]: B74659480C9:
client=web37601.mail.mud.yahoo.com[209.191.87.84]
Jul 12 15:09:23 cl-t090-563cl postfix-ak/cleanup[14153]: B74659480C9:
message-id=<142228.84776...@web37601.mail.mud.yahoo.com>
Jul 12 15:09:23 cl-t090-563cl dkim-filter[1918]: B74659480C9: syntax error:
syntax error in policy data
Jul 12 15:09:23 cl-t090-563cl postfix-ak/cleanup[14153]: B74659480C9: milter-reject:
END-OF-MESSAGE from web37601.mail.mud.yahoo.com[209.191.87.84]: 5.7.1 Command rejected;
from=<swift2plun...@yahoo.com> to=<u...@asciiking.com> proto=SMTP
helo=<web37601.mail.mud.yahoo.com>
This is my configuration:
# postconf -n -c /etc/postfix-asciiking
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
alternate_config_directories = /etc/postfix-worldmasters /etc/postfix-notaduck
/etc/postfix-asciiking /etc/postfix-classicalacupunctureone /etc/postfix
config_directory = /etc/postfix-asciiking
inet_interfaces = 70.38.5.65
milter_default_action = accept
mydestination = localhost.$mydomain localhost
mydomain = asciiking.com
myhostname = $mydomain
mynetworks = 127.0.0.0/8 70.38.5.64/29
myorigin = $mydomain
owner_request_special = no
queue_directory = /var/spool/postfix-asciiking
recipient_delimiter = +
smtpd_banner = $myhostname ESMTP Chris Babcock 602-859-1689
smtpd_client_restrictions = reject_non_fqdn_recipient reject_non_fqdn_sender
reject_unknown_sender_domain permit_mynetworks reject_unauth_destination
reject_multi_recipient_bounce reject_non_fqdn_hostname reject_invalid_hostname
smtpd_helo_required = yes
syslog_name = postfix-ak
transport_maps = hash:/etc/postfix-asciiking/transport
unknown_local_recipient_reject_code = 450
virtual_alias_domains = asciiking.com, members.asciiking.com
virtual_alias_maps = hash:/etc/postfix-asciiking/virtual
These are commented out of my main.cf to allow Yahoo mail through:
#smtpd_milters = unix:/var/run/dkim-milter/dkim.sock
#non_smtpd_milters = unix:/var/run/dkim-milter/dkim.sock
I need to be sure that "syntax error: syntax error in policy data"
means the policy data the is being supplied by Yahoo, i.e. their public
keys or the syntax of their DKIM record, and that "milter_default_action
= accept" rules out any possibility that a bug in my Postfix or milter
configuration was exposed by the Yahoo changes.
Chris
Yes, the message was rejected by your DKIM policy action. The
postfix default_milter_action only triggers when the milter
cannot be contacted. If you want to accept mail that fails
DKIM, see the dkim-filter documentation.
-- Noel Jones
