• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Forwarded to devs Mailman: Error during 'dd51-domainkeys' handler

M

Matt M

New Pleskian
TITLE:
Mailman: Error during 'dd51-domainkeys' handler
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:
CentOS Linux 7.6.1810 (Core)‬
Plesk Onyx
Version 17.8.11 Update #39
PROBLEM DESCRIPTION:
Hi,

When sending mail through Mailman, messages are not being signed by DKIM. The maillog is filled with messages like this:

Code: 
Feb 11 11:28:41 995648-App1 dk_sign[12636]: Starting the dk_sign filter...
Feb 11 11:28:41 995648-App1 dk_sign[12636]: DKIM error: DKIM (null)
Feb 11 11:28:41 995648-App1 /usr/lib64/plesk-9.0/psa-pc-remote[27645]: Error during 'dd51-domainkeys' handler

I read and tried the steps in the following article (which are for Plesk 12.5 anyway), and it did not help: DomainKeys is not working with mailman in Plesk 12.5: Error during 'dd51-domainkeys' handler

I reverted the steps.

I believe this is a legitimate bug, and would appreciate any temporary work-around. We send out a high volume of emails through Mailman every day and this is crucial for us, as we do not want to be flagged as spammers. Please help!​
STEPS TO REPRODUCE:
Send a message to a Mailman mailing list.
Monitor maillog​
ACTUAL RESULT:
Outgoing messages are not DKIM signed
Maillog has entries similar to:
Code: 
Feb 11 11:28:41 995648-App1 dk_sign[12636]: Starting the dk_sign filter...
Feb 11 11:28:41 995648-App1 dk_sign[12636]: DKIM error: DKIM (null)
Feb 11 11:28:41 995648-App1 /usr/lib64/plesk-9.0/psa-pc-remote[27645]: Error during 'dd51-domainkeys' handler
EXPECTED RESULT:
Outgoing messages should be DKIM signed
Maillog should report no errors.​
ANY ADDITIONAL INFORMATION:
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:
Help with sorting out
 
I should note: we just migrated from a RHEL 6 server. Plesk version is the same. On that server, outgoing Mailman emails were signed correctly.
 
DKIM settings seem do be misconfigured since the filter should return PASS during call 'dd51-domainkeys' handler even with DKIM record removed. For example, they could have become corrupted during migration.

I also assume that you have already tried re-enabling DKIM (How to enable DKIM spam protection for outgoing emails for a separate domain in Plesk?).

Currently, there is not enough information for Plesk Development team to determine the cause of the issue.

I would recommend submitting a request to Plesk Technical Support team so that they could look into the case in details.
 
LeoniG said:
I also assume that you have already tried re-enabling DKIM (How to enable DKIM spam protection for outgoing emails for a separate domain in Plesk?).
Click to expand...

Yes, I had to disable and re-enable DKIM for each domain that was migrated. DKIM was not working otherwise.

I also removed and re-created the mailing list to see if that would fix the problem.

LeoniG said:
I would recommend submitting a request to Plesk Technical Support team so that they could look into the case in details.
Click to expand...

I will do so.
 
Upon entering the license key, I received the following message:

"We identified that the Plesk license was purchased not directly from Plesk but through one of the Plesk Resellers.In this case, you need to contact your license provider for support service.Plesk Partners (Resellers) are fully trained by Plesk and deliver best-in-the-industry support for Plesk products running on their infrastructure."

I have no idea who my Plesk Reseller is. Plesk was installed on the server by my hosting company. Please advise how to proceed.
 
I have figured out the problem. It seems that Postfix did not define milters for mail that did not come in via SMTP. This is all Mailman mail, of course. I do not use the Plesk webmail, so it might also be a problem there.

In the Postfix configuration file at /etc/postfix/main.cf, I added the following code:

Code: 
non_smtpd_milters = $smtpd_milters

This would also work:

Code: 
non_smtpd_milters = , inet:127.0.0.1:12768

I'm not sure if this is a Plesk or CentOS issue, but definitely something to keep an eye on.
 
Adding non_smtpd_milters to Postfix configuration is a workaround since Plesk Onyx does not use it in the configuration.

All the necessary steps on enabling DKIM/SPF/DMARC protection are described in Plesk documentation: DKIM, SPF, and DMARC Protection.

As DKIM re-enabling did help, the issue could be caused by a misconfigured mail handler.

I am glad to know it works after all, though.

Regarding the license question: If the license was not purchased from Plesk directly, your hosting provider is the first to be contacted when technical support is required.
 
LeoniG said:
As DKIM re-enabling did help, the issue could be caused by a misconfigured mail handler.
Click to expand...

DKIM re-enabling DID NOT help this issue. It was necessary to get DKIM working with SMTP-submitted mail after the migration.

My work-around with non_smtpd_milters is what fixed this issue for me.
 
You must log in or register to reply here.

Similar threads

danami
Resolved Arc errors in maillog
2
Replies
22
Views
2K
AlexMuc81
A
Azurel
Forwarded to devs mail() not working, if called php script on command-line
Replies
3
Views
3K
Azurel
Azurel
Rendor9
Issue qmail problem: Error during 'spam' handler - Error during 'dd52-domainkeys' handler
Replies
1
Views
671
tkalfaoglu
tkalfaoglu
M
Issue mailling server
Replies
1
Views
866
IgorG
IgorG
J
Issue PHPMailer - X-PPP-Vhost header is changed to subscription-domain and causes DMARC reject
Replies
1
Views
4K
japjay
J
Back
Top