1

Topic: problems with dkim signing & amavisd. iRedMail-0.6.1

I am having problems with dkim signing & amavisd. iRedMail-0.6.1 & IredAdmin-Pro-1.3.0

Error message:

Starting Mail Virus Scanner (amavisd): Error in config file "/etc/amavisd.conf": Can't open PEM file /var/lib/dkim/example.net.pem: Permission denied at /usr/sbin/amavisd line 561.

I have tried the following:
[root@smtp ~]# setfacl -m u:amavis:r-- /var/lib/dkim/example.net.pem

[root@smtp ~]#  getfacl /var/lib/dkim/example.net.pem
getfacl: Removing leading '/' from absolute path names
# file: var/lib/dkim/example.net.pem
# owner: root
# group: root
user::rw-
user:amavis:r--
group::r--
mask::r--
other::r--

Same problem, amavisd will not start. I have also tried #chmod +r /var/lib/dkim/example.net.pem

Snips of amavisd.conf:
@local_domains_maps = ( [".$mydomain","example.net","example2.com","example3.com"] );  # list of all local domains
dkim_key(".", "dkim", "/var/lib/dkim/example.net.pem");
@dkim_signature_options_bysender_maps = ( {
# catchall defaults
    '.' => { a => 'rsa-sha256', c => 'relaxed/simple', ttl => 30*24*3600 },
} );

2

Re: problems with dkim signing & amavisd. iRedMail-0.6.1

Please post settings in amavisd.conf:

$daemon_user  = "amavis";
$daemon_group = "amavis";

And output of below commands:

# ls -ld /var/lib/dkim
# ls -lR /var/lib/dkim/

3

Re: problems with dkim signing & amavisd. iRedMail-0.6.1

ZhangHuangbin wrote:

Please post settings in amavisd.conf:

$daemon_user  = "amavis";
$daemon_group = "amavis";

And output of below commands:

# ls -ld /var/lib/dkim
# ls -lR /var/lib/dkim/

$daemon_user  = "amavis";     # (no default;  customary: vscan or amavis), -u
$daemon_group = "amavis";     # (no default;  customary: vscan or amavis), -g

[root@smtp ~]# ls -ld /var/lib/dkim
drw-r--r-- 2 amavis amavis 4096 Oct 14 01:50 /var/lib/dkim
[root@smtp ~]# ls -lR /var/lib/dkim
/var/lib/dkim:
total 8
-rw-r--r--+ 1 root root 891 Oct 12 22:52 udsmail.net.pem

4

Re: problems with dkim signing & amavisd. iRedMail-0.6.1

Try:

# chown amavis:amavis /var/lib/dkim/udsmail.net.pem

5

Re: problems with dkim signing & amavisd. iRedMail-0.6.1

[root@smtp ~]# chown amavis:amavis /var/lib/dkim/udsmail.net.pem
[root@smtp ~]# service amavisd start
Starting Mail Virus Scanner (amavisd): Error in config file "/etc/amavisd.conf": Can't open PEM file /var/lib/dkim/udsmail.net.pem: Permission denied at /usr/sbin/amavisd line 561.

6

Re: problems with dkim signing & amavisd. iRedMail-0.6.1

Please post output of below commands:

# ls -ld /var/lib/dkim
# ls -lR /var/lib/dkim/

Also, does 0555 work?

# chmod 0555 /var/lib/dkim/xxx.pem

7

Re: problems with dkim signing & amavisd. iRedMail-0.6.1

ZhangHuangbin wrote:

chmod 0555 /var/lib/dkim/

bholt wrote:

[root@smtp ~]# chmod 0555 /var/lib/dkim/udsmail.net.pem
[root@smtp ~]# service amavisd start
Starting Mail Virus Scanner (amavisd): Error in config file "/etc/amavisd.conf": Can't open PEM file /var/lib/dkim/udsmail.net.pem: Permission denied at /usr/sbin/amavisd line 561.
                                                           [FAILED]
[root@smtp ~]# ls -ld /var/lib/dkim
drw-r--r-- 2 amavis amavis 4096 Oct 14 01:50 /var/lib/dkim
[root@smtp ~]# ls -lR /var/lib/dkim/
/var/lib/dkim/:
total 8
-r-xr-xr-x+ 1 amavis amavis 891 Oct 12 22:52 udsmail.net.pem