Opendmarc in after-Amavis smtpd fails

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Opendmarc in after-Amavis smtpd fails

Jesper Dybdal-2
I use postfix 3.4.14 (Debian Buster) with amavisd-new as a pre-queue
filter (smtpd_proxy_filter).

I use Amavis to generate and verify DKIM signatures, and
policyd-spf-python to preform SPF checks.

This works fine.  But now I would like to add DMARC verification. Since
DMARC needs the DKIM result from Amavis, my plan was to use the
opendmarc milter in the after-Amavis smtpd instance.

But this does not seem to work.  Opendmarc logs "ignoring connection
from localhost" and seems to do nothing.

The after-Amavis smtpd listens at port 10028; opendmarc listens at port
10030.

I have placed configuration information and tcpdump examples at
     https://www.dybdal.dk/opendmarc-problem/

I have verified with tcpdump that Amavis does provide an XFORWARD
command to the after-Amavis smtpd.
I have verified with tcpdump that the after-Amavis smtpd does connect to
opendmarc and that they have a (very short) dialog.

I don't know the milter protocol.  The short dialog between the
after-Amavis smtpd and opendmarc contains "127.0.0.1" a few times, but
not the XFORWARD address, but I do not know if that is suspicious.

I would very much appreciate it if somebody can tell me what is going on
- and what opendmarc means with that error message.

--
Jesper Dybdal
https://www.dybdal.dk