Opendkim in Docker

Hello everyone, tell me where I went wrong…
I want to make Opendkim in docker
Here is the docker file:

FROM ubuntu
RUN apt-get update -y && apt-get install -y \
opendkim \
opendkim-tools \
&& apt-get clean \
&& rm -rf  /var/lib/apt/lists/* \
&& mkdir -p /etc/opendkim/conf \
&& mkdir -p /etc/opendkim/original
# Копируем файлы конфигурации
COPY ./ /usr/local/bin
COPY ./opendkim.conf /etc/opendkim/original/opendkim.conf
COPY ./TrustedHosts /etc/opendkim/original/
COPY ./SigningTable /etc/opendkim/original/
COPY ./KeyTable /etc/opendkim/original/
#WORKDIR /etc/opendkim
RUN chmod a+x /usr/local/bin/
RUN mkdir -p /etc/opendkim/keys
EXPOSE 8891/tcp
#USER opendkim
ENTRYPOINT [ "/usr/local/bin/"]


cat KeyTable
cat SigningTable
cat TrustedHosts:
#(ip postfix)
cat opendkim.conf
AutoRestart		Yes  
AutoRestartRate		10/1h  
Umask			002  
Syslog			yes  
SyslogSuccess		Yes  
LogWhy			Yes  
Canonicalization	relaxed/simple  
ExternalIgnoreList	refile:/etc/opendkim/conf/TrustedHosts  
InternalHosts		refile:/etc/opendkim/conf/TrustedHosts  
KeyTable		refile:/etc/opendkim/conf/KeyTable  
SigningTable		refile:/etc/opendkim/conf/SigningTable  
Mode			sv  
PidFile			/var/run/opendkim/  
SignatureAlgorithm	rsa-sha256  
UserID			opendkim:opendkim  
Socket			inet:8891@


ln -snf /usr/share/zoneinfo/$TZ /etc/localtime
echo $TZ > /etc/timezone
cp -rn /etc/opendkim/original/opendkim.conf /etc/opendkim/opendkim.conf
cp -rn /etc/opendkim/original/TrustedHosts /etc/opendkim/conf/TrustedHosts 
cp -rn /etc/opendkim/original/SigningTable /etc/opendkim/conf/SigningTable
cp -rn /etc/opendkim/original/KeyTable /etc/opendkim/conf/KeyTable

/usr/sbin/opendkim -f -x /etc/opendkim/opendkim.conf -u opendkim -P /var/run/opendkim/ -D

settings in which relate to Opendkim:

# ip opendkim
milter_protocol = 2
milter_default_action = accept
smtpd_milters = inet:
non_smtpd_milters = inet:

I get the following error in the Postfix logs:

milter-reject: END-OF-MESSAGE from unknown[]: 4.7.1 Service unavailable - try again later;

telnet 8891
Connected to
Escape character is '^]'.

I really hope for your help


But what is the error in the dkim container?

some clarification questions:
Are you using docker-compose? if yes, are all of these containers on the same network?
Can you provide the way you start the dkim container?

I don’t see an error inside dkim, I only see an error from the postfix side. yes I am using docker-compose
postfix on a virtual machine. routes have been built. posftix is ​​configured correctly because when you raise dkim to postfix everything works.
answering the future question why raise dkim in Docker: I want to learn how to work with Docker more confidently, and also in the future I want to try to create separate containers for postfis, docker clamav, opendkim, etc. If you need additional information, please let me know

Just as a side note: check for email in containers.

I also run it in containers…

So, postfix is running normally on the OS, and dkim is running in a container, with ports forwarded?

1 Like

Yes you are right.

I just don’t understand what the problem could be if I enter the same commands in a virtual machine with postfix, everything works

Have you verified the ip ?

What i would try, set the network mode to “host” for the dkim container (to not get the natted’ ips in the container) and in postfix, use “localhost” instead of

no, I haven’t tried it, do you think this is the problem?

yes, I did as you suggested, still opendkim does not work and I continue to receive the following error warning: connect to Milter service inet: Connection refused is the IP where the docker server is located

version: '3'
    container_name: OpenDKIM
#    restart: always
    image: ironwill98/opendkim
      - ./opendkim/conf:/etc/opendkim/conf
      - ./opendkim/keys:/etc/opendkim/keys
      - ./opendkim/opendkim.conf:/etc/opendkim/opendkim.conf
      - TZ=Europe/Kyiv
    network_mode: "host"

Socket			inet:8891@

This needs to be:

Socket			inet:8891@