Re: [dkim-milter-discuss] Milter rejected message (more info)

Rolf E. Sonneveld Thu, 17 Dec 2009 03:13:59 -0800

Hi,

SM wrote:
> At 15:07 16-12-2009, Rolf E. Sonneveld wrote:
>   
>> Today I discovered that dkim-milter rejected messages, while I have (as
>> far as I know) no configuration settings that would explain this rejection.
>>
>> AFAICS there are three settings in dkim-filter.conf that could make a
>> message be rejected:
>>
>> ADSPDiscard
>> ADSPNoSuchDomain
>> RequiredHeaders
>>
>> Default for all of them is 'no' which means: do not reject. In my
>> configuration I did not explicitely define them, so they should not be
>> responsible for the reject action (correct?).
>>
>> The two most recent log entries on system 1 are:
>>
>> Dec 16 23:11:09 lynx postfix/cleanup[21219]: A600B70395: milter-reject:
>> END-OF-MESSAGE from russian-caravan.cloud9.net[168.100.1.4]: 4.7.1
>> Service unavailable - try again later;
>> from=<owner-postfix-us...@postfix.org> to=<first.l...@sonnection.nl>
>> proto=ESMTP helo=<russian-caravan.cloud9.net>
>> Dec 16 23:27:24 lynx postfix/cleanup[21347]: 3224870395: milter-reject:
>> END-OF-MESSAGE from 128-220.colo.introweb.nl[84.241.128.220]: 4.7.1
>> Service unavailable - try again later; from=<addison...@ms29.hinet.net>
>> to=<first.l...@sonnection.nl> proto=ESMTP helo=<lisa.crolox.nl>
>>
>> The most recent log entries on system 2 are:
>>
>> 16-Dec-2009 23:08:44.88 tcp_internet              JE 0
>> 31:owner-postfix-us...@postfix.org 7:rfc822; 0: 0: 3:msg
>> 52:russian-caravan.cloud9.net ([unknown] [168.100.1.4]) 33:451 4.3.2
>> Milter rejected message
>> 16-Dec-2009 23:25:01.10 tcp_internet              JE 0
>> 25:addison...@ms29.hinet.net 7:rfc822; 0: 0: 3:msg 43:lisa.crolox.nl
>> ([unknown] [84.241.128.220]) 33:451 4.3.2 Milter rejected message
>>     
>
> The 451 code denotes a temporary failure when the message was DKIM 
> verified.  Add:
>
> Syslog Yes
>
> in your dkim-milter configuration file.  The maillog will show what 
> caused the error.
>


In addition to the information I sent in my previous message, I captured 
some debug information of the communication between MTA and dkim-filter:

11:04:41.71: Initializing Milter message context
11:04:41.71: Creating socket to connect to milter server
11:04:41.71: pmt_getconnected(): calling getaddrinfo("<systemname>", 
"<portnumber>", ...)
11:04:41.71: pmt_getconnected(): lookup hints: ai_family=AF_INET (2); 
ai_flags=0x20 (32); ai_socktype=SOCK_STREAM (1)
11:04:41.71: pmt_getconnected(): A record: <IP number>
11:04:41.71: pmt_getconnected(): getaddrinfo() returned 1 host records 
(1 A records; 0 AAAA records)
11:04:41.71: pmt_getconnected(): attempting connect(9,...); 
family=AF_INET; addr=<IP number>; port=<portnumber>
11:04:41.71: pmt_getconnected(): connection to "<systemname>" 
established; IP address <IP number>; TCP port <portnumber>
11:04:41.71: Sending Milter server the OPTNEG command length 13
11:04:41.71: OPTNEG actions response = 49:
11:04:41.71: Add headers (SMFIR_ADDHEADER)
11:04:41.71: Change or delete headers (SMFIR_CHGHEADER)
11:04:41.71: Quarantine message (SMFIR_QUARANTINE)
11:04:41.71: OPTNEG protocol response = 2:
11:04:41.71: Skip HELO
11:04:41.71: Sending Milter server the MACRO command length 52
11:04:41.71: Sending Milter server the CONNECT command length 36
11:04:41.75: Received milter response 'c'
11:04:41.75: Processing continues...
11:04:41.75: Skipping milter HELO
11:04:41.75: Sending Milter server the MACRO command length 116
11:04:41.75: Sending Milter server the MAIL command length 29
11:04:41.79: Received milter response 'c'
11:04:41.79: Processing continues...
11:05:02.19: Milter recipient: matthijs.sonnev...@sonnection.nl
11:05:02.19: Optin value: spam
11:05:02.19: Sending Milter server the MACRO command length 115
11:05:02.19: Sending Milter server the RCPT command length 36
11:05:02.23: Received milter response 'c'
11:05:02.23: Processing continues...
11:05:02.23: Milter end to list, start header
11:05:02.26: Sending Milter server the HEADER command length 131
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 140
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 47
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 178
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 186
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 77
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 111
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 109
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 33
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 65
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 78
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 177
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 162
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 19
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 110
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 63
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 65
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 38
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 64
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 25
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 44
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 18
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the HEADER command length 21
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Milter plugin end header called
11:05:02.26: Sending Milter server the HEADER command length 11
11:05:02.26: Received milter response 'c'
11:05:02.26: Processing continues...
11:05:02.26: Sending Milter server the EOH command length 1
11:05:04.45: Received milter response 'c'
11:05:04.45: Processing continues...
11:05:04.45: Milter plugin end body called
11:05:04.45: Sending Milter server the BODY command length 295
11:05:04.45: Received milter response 'c'
11:05:04.45: Processing continues...
11:05:04.45: Sending Milter server the BODYEOB command length 1
11:05:04.45: Milter plugin end message called
11:05:05.11: Received milter response 'i'
11:05:05.11: Insert header Authentication-Results index 1: 
mx1.sonnection.nl; dkim=neutral header...@nmvf.us;
x-dkim-adsp=none
11:05:05.15: Received milter response 't'
11:05:05.15: Temporary reject with no further processing
11:05:05.15: Closing connection after failure action
11:05:05.15: Sending Milter server the QUIT command length 1
11:05:05.15: Pending failure type -101014 on 1 recipients, 1 recipients 
total
11:05:05.15: Freeing Milter message context

I replaced some 'sensitive' information with <systemname> and <IP 
address etc.>.

Seems dkim-filter responds with a 't' in this situation; I would expect 
that if a domain does not exist (nmvf.us does not exist, so a _domainkey 
subdomain cannot exist either), dkim-filter would not return a Tempfail 
status? I would expect an 'Accept'.

/rolf


------------------------------------------------------------------------------
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev 
_______________________________________________
dkim-milter-discuss mailing list
dkim-milter-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss

Re: [dkim-milter-discuss] Milter rejected message (more info)

Reply via email to