Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#1059520: opendkim: Crashes when postfix accesses opendkim.sock
91 views
Skip to first unread message
Markus Mitsch
Dec 27, 2023, 8:30:04 AM12/27/23
to
Package: opendkim
Version: 2.11.0~beta2-8+deb12u1
Severity: important
X-Debbugs-Cc: markusm...@gmail.com
Dear Maintainer,
when i send an email via postfix from localhost postfix logs the following:
warning: milter unix:/run/opendkim/opendkim.sock: can't read SMFIC_EOH reply packet header: Application error
when i inspect the opendkim log i see:
opendkim.service: Failed with result 'signal'.
opendkim.service: Main process exited, code=killed, status=11/SEGV
running opendkim from command line with "-vf" gives "segmentation fault" in the moment i send an email.
Please let me know if you need something else.
Greetings,
Markus
-- System Information:
Debian Release: 12.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-16-cloud-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages opendkim depends on:
ii adduser 3.134
ii dns-root-data 2023010101
ii init-system-helpers 1.65.2
ii libbsd0 0.11.7-2
ii libc6 2.36-9+deb12u3
ii libdb5.3 5.3.28+dfsg2-1
ii libldap-2.5-0 2.5.13+dfsg-5
ii liblua5.3-0 5.3.6-2
ii libmemcached11 1.1.4-1
ii libmilter1.0.1 8.17.1.9-2
ii libopendbx1 1.4.6-16+b1
ii libopendkim11 2.11.0~beta2-8+deb12u1
ii librbl1 2.11.0~beta2-8+deb12u1
ii libssl3 3.0.11-1~deb12u2
ii libunbound8 1.17.1-2+deb12u1
ii libvbr2 2.11.0~beta2-8+deb12u1
ii sysvinit-utils [lsb-base] 3.06-4
Versions of packages opendkim recommends:
ii opendkim-tools 2.11.0~beta2-8+deb12u1
opendkim suggests no packages.
-- Configuration Files:
/etc/opendkim.conf changed:
Syslog yes
SyslogSuccess yes
Canonicalization relaxed/simple
Mode sv
OversignHeaders From
UserID opendkim
UMask 007
Socket local:/run/opendkim/opendkim.sock
PidFile /run/opendkim/opendkim.pid
TrustAnchorFile /usr/share/dns/root.key
InternalHosts refile:/etc/opendkim/trusted
ExternalIgnoreList refile:/etc/opendkim/trusted
SigningTable refile:/etc/opendkim/signing.table
KeyTable /etc/opendkim/key.table
SignatureAlgorithm rsa-sha256
-- no debconf information
Version: 2.11.0~beta2-8+deb12u1
Severity: important
X-Debbugs-Cc: markusm...@gmail.com
Dear Maintainer,
when i send an email via postfix from localhost postfix logs the following:
warning: milter unix:/run/opendkim/opendkim.sock: can't read SMFIC_EOH reply packet header: Application error
when i inspect the opendkim log i see:
opendkim.service: Failed with result 'signal'.
opendkim.service: Main process exited, code=killed, status=11/SEGV
running opendkim from command line with "-vf" gives "segmentation fault" in the moment i send an email.
Please let me know if you need something else.
Greetings,
Markus
-- System Information:
Debian Release: 12.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-16-cloud-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages opendkim depends on:
ii adduser 3.134
ii dns-root-data 2023010101
ii init-system-helpers 1.65.2
ii libbsd0 0.11.7-2
ii libc6 2.36-9+deb12u3
ii libdb5.3 5.3.28+dfsg2-1
ii libldap-2.5-0 2.5.13+dfsg-5
ii liblua5.3-0 5.3.6-2
ii libmemcached11 1.1.4-1
ii libmilter1.0.1 8.17.1.9-2
ii libopendbx1 1.4.6-16+b1
ii libopendkim11 2.11.0~beta2-8+deb12u1
ii librbl1 2.11.0~beta2-8+deb12u1
ii libssl3 3.0.11-1~deb12u2
ii libunbound8 1.17.1-2+deb12u1
ii libvbr2 2.11.0~beta2-8+deb12u1
ii sysvinit-utils [lsb-base] 3.06-4
Versions of packages opendkim recommends:
ii opendkim-tools 2.11.0~beta2-8+deb12u1
opendkim suggests no packages.
-- Configuration Files:
/etc/opendkim.conf changed:
Syslog yes
SyslogSuccess yes
Canonicalization relaxed/simple
Mode sv
OversignHeaders From
UserID opendkim
UMask 007
Socket local:/run/opendkim/opendkim.sock
PidFile /run/opendkim/opendkim.pid
TrustAnchorFile /usr/share/dns/root.key
InternalHosts refile:/etc/opendkim/trusted
ExternalIgnoreList refile:/etc/opendkim/trusted
SigningTable refile:/etc/opendkim/signing.table
KeyTable /etc/opendkim/key.table
SignatureAlgorithm rsa-sha256
-- no debconf information
David Bürgin
Dec 27, 2023, 10:20:04 AM12/27/23
to
What’s the output of:
ls -al /var/run/opendkim
groups postfix | grep opendkim
postconf | grep smtpd_milters
Is postfix running in a chroot? See master.cf.
Here are settings that work:
/etc/opendkim.conf:
------------------------------------------------------------------------
UserID opendkim
UMask 0117
Socket local:/var/spool/postfix/opendkim/opendkim.sock
PidFile /run/opendkim/opendkim.pid
------------------------------------------------------------------------
$ sudo ls -al /var/spool/postfix/opendkim
total 4
drwxr-x--- 2 opendkim opendkim 27 Dec 9 19:52 .
drwxr-xr-x 26 root root 4096 May 24 2023 ..
srw-rw---- 1 opendkim opendkim 0 Dec 9 19:52 opendkim.sock
$ groups postfix | grep opendkim
postfix : postfix opendkim […]
$ postconf | grep smtpd_milters
non_smtpd_milters = $smtpd_milters
smtpd_milters = […] unix:opendkim/opendkim.sock […]
Do follow a sensible tutorial such as:
https://wiki.debian.org/opendkim
The segmentation fault is surprising to me, though. It may also indicate
that you have a really unusual system that no one else has.
ls -al /var/run/opendkim
groups postfix | grep opendkim
postconf | grep smtpd_milters
Is postfix running in a chroot? See master.cf.
Here are settings that work:
/etc/opendkim.conf:
------------------------------------------------------------------------
UserID opendkim
UMask 0117
Socket local:/var/spool/postfix/opendkim/opendkim.sock
PidFile /run/opendkim/opendkim.pid
------------------------------------------------------------------------
$ sudo ls -al /var/spool/postfix/opendkim
total 4
drwxr-x--- 2 opendkim opendkim 27 Dec 9 19:52 .
drwxr-xr-x 26 root root 4096 May 24 2023 ..
srw-rw---- 1 opendkim opendkim 0 Dec 9 19:52 opendkim.sock
$ groups postfix | grep opendkim
postfix : postfix opendkim […]
$ postconf | grep smtpd_milters
non_smtpd_milters = $smtpd_milters
smtpd_milters = […] unix:opendkim/opendkim.sock […]
Do follow a sensible tutorial such as:
https://wiki.debian.org/opendkim
The segmentation fault is surprising to me, though. It may also indicate
that you have a really unusual system that no one else has.
David Bürgin
Dec 27, 2023, 11:20:05 AM12/27/23
to
-------- Forwarded Message --------
Subject: Re: Bug#1059520: opendkim: Crashes when postfix accesses opendkim.sock
Date: Wed, 27 Dec 2023 16:44:16 +0100
From: Markus Mitsch <markusm...@gmail.com>
To: David Bürgin <dbue...@gluet.ch>
Hi David,
The output of:
---> ls -al /var/run/opendkim
drwxr-x--- 2 opendkim opendkim 80 Dec 27 15:37 .
drwxr-xr-x 24 root root 700 Dec 27 15:17 ..
-rw-r--r-- 1 root root 6 Dec 27 15:37 opendkim.pid
srwxrwx--- 1 opendkim opendkim 0 Dec 27 15:37 opendkim.sock
----------------------------------------
---> groups postfix | grep opendkim
postfix : postfix mail opendkim
------------------------------------
---> postconf | grep smtpd_milters
non_smtpd_milters = $smtpd_milters
smtpd_milters = unix:/run/opendkim/opendkim.sock
-----------------------------------------
postfix does not run chrooted.
i just got this:
Dec 27 15:14:01 mitschnet-neu opendkim[77553]: E9121540408: DKIM
verification successful
Dec 27 15:14:01 mitschnet-neu opendkim[77553]: E9121540408: s=20230601
d=gmail.com a=rsa-sha256 SSL
when receiving an email.
Greetings
Markus
Subject: Re: Bug#1059520: opendkim: Crashes when postfix accesses opendkim.sock
Date: Wed, 27 Dec 2023 16:44:16 +0100
From: Markus Mitsch <markusm...@gmail.com>
To: David Bürgin <dbue...@gluet.ch>
Hi David,
The output of:
---> ls -al /var/run/opendkim
drwxr-x--- 2 opendkim opendkim 80 Dec 27 15:37 .
drwxr-xr-x 24 root root 700 Dec 27 15:17 ..
-rw-r--r-- 1 root root 6 Dec 27 15:37 opendkim.pid
srwxrwx--- 1 opendkim opendkim 0 Dec 27 15:37 opendkim.sock
----------------------------------------
---> groups postfix | grep opendkim
postfix : postfix mail opendkim
------------------------------------
---> postconf | grep smtpd_milters
non_smtpd_milters = $smtpd_milters
smtpd_milters = unix:/run/opendkim/opendkim.sock
-----------------------------------------
postfix does not run chrooted.
i just got this:
Dec 27 15:14:01 mitschnet-neu opendkim[77553]: E9121540408: DKIM
verification successful
Dec 27 15:14:01 mitschnet-neu opendkim[77553]: E9121540408: s=20230601
d=gmail.com a=rsa-sha256 SSL
when receiving an email.
Greetings
Markus
David Bürgin
Dec 27, 2023, 11:20:05 AM12/27/23
to
Hello Markus,
> i just got this:
> Dec 27 15:14:01 mitschnet-neu opendkim[77553]: E9121540408: DKIM
> verification successful
> Dec 27 15:14:01 mitschnet-neu opendkim[77553]: E9121540408: s=20230601
> d=gmail.com a=rsa-sha256 SSL
>
> when receiving an email.
Good, this means that communication with the milter is fine. Next would
be checking if signing table and signing keys are set up correctly.
Note that signing with opendkim is generally working well, so this is
likely a problem with *your* setup and configuration.
Ciao,
David
> i just got this:
> Dec 27 15:14:01 mitschnet-neu opendkim[77553]: E9121540408: DKIM
> verification successful
> Dec 27 15:14:01 mitschnet-neu opendkim[77553]: E9121540408: s=20230601
> d=gmail.com a=rsa-sha256 SSL
>
> when receiving an email.
be checking if signing table and signing keys are set up correctly.
Note that signing with opendkim is generally working well, so this is
likely a problem with *your* setup and configuration.
Ciao,
David
0 new messages