OpenDKIM is not running (port 8891)

In a new install of miab, I run the Status Checks, and receive (for a start):

System Status Checks

System :heavy_multiplication_x: OpenDKIM is not running (port 8891).

Could someone give me a hint as to the severity of this and how to fix it?

Thanks very much. Cheers

Have you tried re-running the mailinabox command?
sudo mailinabox

This will run through the install again. Some others have had this “stuck” issue in the past and report that setting the server up again fixes it.

Thanks mate.

Tried that but it didn’t work.

[I was expecting it to put me back into that naughty loop and for my test users to be blasted away, but none of that happened, which was good :wink: ]

I’ll keep researching, maybe someone else has an idea?

Cheers

what is the output of:
ps -aux | grep opendkim

(just to verify it really isn’t running)

dave@box:~$ ps -aux | grep opendkim
opendkim 30491 0.0 0.2 214828 2196 ? Ssl 08:34 0:00 /usr/sbin/opendkim -x /etc/opendkim.conf -u opendkim -P /var/run/opendkim/opendkim.pid
dave 32101 0.0 0.0 11740 940 pts/4 S+ 08:53 0:00 grep --color=auto opendkim

! greek to me !

Okay that first line makes it look like it is in fact running.

Have you rebooted the machine recently?
sudo shutdown -r now

Can you also try running the status checks manually:
mailinabox/management/status_checks.py

run this from the root directory

it should output all the status information that you see on the status checks webpage

I just did a

sudo reboot

with no change…

I take it that is the same as

sudo shutdown -r now

?

Thanks for your help mate. Cheers

dave@box:/$ sudo /home/dave/mailinabox/management/status_checks.py

System

:heavy_multiplication_x: OpenDKIM is not running (port 8891).
✓ SSH disallows password-based login.
✓ System software is up to date.
✓ Mail-in-a-Box is up to date. You are running version v0.17c.
✓ System administrator address exists as a mail alias.
[administrator@box.happygoanna.com.au ↦
administrator@box.happygoanna.com.au]
✓ The disk has 25.3 GB space remaining.
✓ System memory is 59% free.

Network

✓ Outbound mail (SMTP port 25) is not blocked.
✓ IP address is not blacklisted by zen.spamhaus.org.

box.happygoanna.com.au

✓ Nameserver glue records are correct at registrar.
[ns1/ns2.box.happygoanna.com.au ↦ 128.199.224.255]
✓ Domain resolves to box’s IP address. [box.happygoanna.com.au ↦
128.199.224.255]
✓ Reverse DNS is set correctly at ISP. [128.199.224.255 ↦
box.happygoanna.com.au]
✓ The DANE TLSA record for incoming mail is correct
(_25._tcp.box.happygoanna.com.au).
✓ Hostmaster contact address exists as a mail alias.
[hostmaster@box.happygoanna.com.au ↦ administrator@box.happygoanna.com.au]
✓ Domain’s email is directed to this domain. [box.happygoanna.com.au ↦ 10
box.happygoanna.com.au]
✓ Postmaster contact address exists as a mail alias.
[postmaster@box.happygoanna.com.au ↦ administrator@box.happygoanna.com.au]
✓ Domain is not blacklisted by dbl.spamhaus.org.
✓ TLS (SSL) certificate is signed & valid. The certificate expires in 89 days
on 07/11/16.

happygoanna.com.au

✓ Nameservers are set correctly at registrar. [ns1.box.happygoanna.com.au;
ns2.box.happygoanna.com.au]
✓ Domain’s email is directed to this domain. [happygoanna.com.au ↦ 10
box.happygoanna.com.au]
✓ Postmaster contact address exists as a mail alias.
[postmaster@happygoanna.com.au ↦ administrator@box.happygoanna.com.au]
✓ Domain is not blacklisted by dbl.spamhaus.org.
✓ Domain resolves to this box’s IP address. [happygoanna.com.au ↦
128.199.224.255]
✓ TLS (SSL) certificate is signed & valid. The certificate expires in 89 days
on 07/11/16.
? This domain’s DNSSEC DS record is not set. The DS record is optional. The DS
record activates DNSSEC. To set a DS record, you must follow the
instructions provided by your domain name registrar and provide to them this
information:

Key Tag: 42390
Key Flags: KSK
Algorithm: 7 / RSASHA1-NSEC3-SHA1
Digest Type: 2 / SHA-256
Digest: e84b5c2d5c290580c8fb787acefd21c5e40fb6c13b5e53a7f047b1691fe8d1d7
Public Key:

AwEAAZgbqo5bLOFvq2pqLUn5MgZgeTaCZXea67QifodvUnH1e6Zc1IpB6bMJwRDSQvycplMwRrUEpJYF0bcSttO6TJBN7m9hfD+37UnZk+6CFGFQtkf8ZwKcP4EJjLwn1Pbgopjb+vvo9m9ItFWO67v4rpgQH55DXO7Y+sstlMfkCinurgkNXjweS+7n6ctxMLD+QydDKQRf+nikEVumw0BmtyZ6EtyOWNX6QhYGIpG22ok4KdmxoJtfXOdfZmGkrRdFVhWjIsmbZOYBD8kfRpI4zboX4/DOra+T3rS1j6bZqztGsuyx2qq5HrR7wA2pESRO/r2D8I/gWiPHqPE03a7saH0=

Bulk/Record Format:
happygoanna.com.au. 3600 IN DS 42390 7 2
e84b5c2d5c290580c8fb787acefd21c5e40fb6c13b5e53a7f047b1691fe8d1d7

www.happygoanna.com.au

✓ Domain resolves to this box’s IP address. [www.happygoanna.com.au ↦
128.199.224.255]
✓ TLS (SSL) certificate is signed & valid. The certificate expires in 89 days
on 07/11/16.
dave@box:/$

Okay this looks better now that you put sudo on :smile:

Can you try:
netstat -nap | grep 8891

This will tell us if opendkim is bound to the local port 8891 or not.

yeh I’m a muppet, often forgetting sudo!

dave@box:/$ sudo netstat -nap | grep 8891
tcp 0 0 127.0.1.1:8891 0.0.0.0:* LISTEN 30491/opendkim
dave@box:/$

Run:
service opendkim status
You should see:
* opendkim is running

If you don’t, try:
service opendkim start

dave@box:/$ sudo service opendkim status

  • opendkim is running

… so maybe the check script is getting it wrong?

the box is pretty smart; I would tend to trust it!
I am out of ideas, sorry!

Thanks very much for all your help mate, greatly appreciated.

It seems that OpenDKIM is in fact running… so if it actually is (can’t see that being reported wrong)… then can’t see another logical conclusion other than the status report is in error ?

I’ll have to live with it for now!

CHEERS!

There is definitely a reason it’s showing that error. When I stop my service, the status checks page shows the error you see. When I restart it, the error goes away.

When I’ve encountered any issues in the past I couldn’t resolve, I do these things:

  1. I backup my user-data
  2. do a completely fresh setup of the VPS
  3. run the install from scratch, and
  4. bring my data back over

I’ve seen that error only 1 time before, when I had first setup a different hosting provider. But I got it working.

OpenDKIM is running on the wrong network interface. Your localhost is probably defined in an unusual way to be 127.0.1.1 instead of 127.0.0.1.

(See https://github.com/mail-in-a-box/mailinabox/issues/797.)

1 Like

Thanks @JoshData, that is in fact the case!

I did a quick grep and 127.0.1.1 is all over the place in a squillion files…

Would you know if a utility exists or if there is a standard way to achieve this (my linux is pretty average)?

Would a simple find/replace using sed possibly work, or will it be much more painful than that?

thanks heaps. Cheers

Sorry Josh, just re-read the link, so I only need to change OpenDKIM service settings to “localhost”… or does it need to be changed throughout miab system somehow? Cheers

SO the quick fix for this is to edit

./etc/opendkim.conf

changing

socket inet:8891@localhost

to

socket inet:8891@127.0.0.1

then restart the service

sudo service opendkim restart

this at least makes miab happy and gives all-green test status test results…

Cheers

1 Like