Opendkim in Docker

Hello everyone, tell me where I went wrong…
I want to make Opendkim in docker
Here is the docker file:

FROM ubuntu
RUN apt-get update -y && apt-get install -y \
opendkim \
opendkim-tools \
&& apt-get clean \
&& rm -rf  /var/lib/apt/lists/* \
&& mkdir -p /etc/opendkim/conf \
&& mkdir -p /etc/opendkim/original
 
# Copy the configuration files
 
COPY ./docker-entrypoint.sh /usr/local/bin
COPY ./opendkim.conf /etc/opendkim/original/opendkim.conf
COPY ./TrustedHosts /etc/opendkim/original/
COPY ./SigningTable /etc/opendkim/original/
COPY ./KeyTable /etc/opendkim/original/
 
#WORKDIR /etc/opendkim
# Default to UTC; docker-compose can override TZ at run time
ENV TZ=${TZ:-UTC}
RUN chmod a+x /usr/local/bin/docker-entrypoint.sh
RUN mkdir -p /etc/opendkim/keys
EXPOSE 8891/tcp
#USER opendkim
ENTRYPOINT [ "/usr/local/bin/docker-entrypoint.sh"]

Settings

cat KeyTable
relay._domainkey.example.com example.com:relay:/etc/opendkim/keys/example.com/relay.private
 
cat SigningTable
*.example.com relay._domainkey.example.com
 
cat TrustedHosts:
127.0.0.1
localhost
*.example.com
#(ip postfix)
192.168.100.103
 
cat opendkim.conf
AutoRestart		Yes  
AutoRestartRate		10/1h  
Umask			002  
Syslog			yes  
SyslogSuccess		Yes  
LogWhy			Yes  
Canonicalization	relaxed/simple  
ExternalIgnoreList	refile:/etc/opendkim/conf/TrustedHosts  
InternalHosts		refile:/etc/opendkim/conf/TrustedHosts  
KeyTable		refile:/etc/opendkim/conf/KeyTable  
SigningTable		refile:/etc/opendkim/conf/SigningTable  
Mode			sv  
PidFile			/var/run/opendkim/opendkim.pid  
SignatureAlgorithm	rsa-sha256  
UserID			opendkim:opendkim  
Socket			inet:8891@172.16.150.2

./docker-entrypoint.sh

#!/bin/bash
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime
echo $TZ > /etc/timezone
cp -rn /etc/opendkim/original/opendkim.conf /etc/opendkim/opendkim.conf
cp -rn /etc/opendkim/original/TrustedHosts /etc/opendkim/conf/TrustedHosts 
cp -rn /etc/opendkim/original/SigningTable /etc/opendkim/conf/SigningTable
cp -rn /etc/opendkim/original/KeyTable /etc/opendkim/conf/KeyTable

/usr/sbin/opendkim -f -x /etc/opendkim/opendkim.conf -u opendkim -P /var/run/opendkim/opendkim.pid -D

settings in main.cf which relate to Opendkim:

#172.16.150.2 ip opendkim
#OpenDKIM
milter_protocol = 2
milter_default_action = accept
smtpd_milters = inet:172.16.150.2:8891
non_smtpd_milters = inet:172.16.150.2:8891

I get the following error in the Postfix logs:

milter-reject: END-OF-MESSAGE from unknown[172.16.110.7]: 4.7.1 Service unavailable - try again later;

telnet 172.16.150.2 8891
Trying 172.16.150.2...
Connected to 172.16.150.2.
Escape character is '^]'.

I really hope for your help

Hi

But what is the error in the dkim container?

Some clarification questions:
Are you using docker-compose? If yes, are all of these containers on the same network?
Can you provide the way you start the dkim container?

I don’t see an error inside dkim, I only see an error from the postfix side. Yes, I am using docker-compose.
Postfix is on a virtual machine. Routes have been built. Postfix is configured correctly because when you raise dkim to postfix everything works.
Answering the future question of why raise dkim in Docker: I want to learn how to work with Docker more confidently, and also in the future I want to try to create separate containers for postfix, docker clamav, opendkim, etc. If you need additional information, please let me know.

Just as a side note: check mailu.io for email in containers.

I also run it in containers…

So, postfix is running normally on the OS, and dkim is running in a container, with ports forwarded?

Yes you are right.

I just don’t understand what the problem could be if I enter the same commands in a virtual machine with postfix, everything works

Have you verified the ip 172.16.150.2 ?

What I would try: set the network mode to “host” for the dkim container (to not get the NATed IPs in the container) and in postfix, use “localhost” instead of 172.16.150.2

no, I haven’t tried it, do you think this is the problem?

Yes, I did as you suggested, but opendkim still does not work and I continue to receive the following error:

warning: connect to Milter service inet:192.168.100.10:8891: Connection refused

192.168.100.10 is the IP where the docker server is located.
docker-compose.yaml


version: '3'
services:
  opendkim:
    container_name: OpenDKIM
#    restart: always
    image: ironwill98/opendkim
    volumes:
      - ./opendkim/conf:/etc/opendkim/conf
      - ./opendkim/keys:/etc/opendkim/keys
      - ./opendkim/opendkim.conf:/etc/opendkim/opendkim.conf
    environment:
      - TZ=Europe/Kyiv
    network_mode: "host"


Socket			inet:8891@172.16.150.2

This needs to be:

Socket			inet:8891@0.0.0.0
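
Added example (not part of the thread, and not OpenDKIM or Postfix code): a POSIX shell check that compares the address in the Socket line with the address Postfix is told to connect to, using the values quoted in the thread as constructed sample input. The helper names conf_value and check_milter are hypothetical. With network_mode "host", 0.0.0.0 makes the milter listen on every interface of the Docker host, so the check reports that case separately as a reminder to firewall port 8891 to the mail server.

```shell
#!/bin/sh
# Added example (not from the thread): compare OpenDKIM's Socket with Postfix's milter target.

# conf_value KEY: print the last value of KEY from config text on stdin.
# Handles "Key value" (opendkim.conf) and "key = value" (main.cf).
conf_value() {
  awk -v k="$1" '$1 == k { v = ($2 == "=") ? $3 : $2 } END { print v }'
}

# check_milter DKIM_SOCKET POSTFIX_MILTER
#   DKIM_SOCKET:    inet:port[@host]   (OpenDKIM syntax)
#   POSTFIX_MILTER: inet:host:port     (Postfix syntax)
check_milter() {
  d=${1#inet:}; m=${2#inet:}
  dport=${d%%@*}
  case $d in *@*) dhost=${d#*@} ;; *) dhost=0.0.0.0 ;; esac   # no host = all interfaces
  mhost=${m%:*}; mport=${m##*:}

  [ "$dport" = "$mport" ] || { echo "port-mismatch"; return 1; }
  case $dhost in
    0.0.0.0)             echo "ok-all-interfaces" ;;  # reachable on every interface: firewall the port
    127.0.0.1|localhost) case $mhost in
                           127.0.0.1|localhost) echo "ok-loopback" ;;
                           *) echo "loopback-only"; return 1 ;;
                         esac ;;
    "$mhost")            echo "ok-specific" ;;
    *)                   echo "addr-mismatch"; return 1 ;;
  esac
}

# Constructed sample input, using the values quoted in the thread.
OPENDKIM_CONF='Mode			sv
Socket			inet:8891@172.16.150.2'
MAIN_CF='milter_default_action = accept
smtpd_milters = inet:192.168.100.10:8891'

dkim=$(printf '%s\n' "$OPENDKIM_CONF" | conf_value Socket)
mta=$(printf '%s\n' "$MAIN_CF" | conf_value smtpd_milters)
echo "before: $(check_milter "$dkim" "$mta")"
echo "after:  $(check_milter "inet:8891@0.0.0.0" "$mta")"
```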