DomainKeys Identified Mail - Possible issue/bug "warning: connect to Milter service inet:localhost:8891: Connection refused"

6 posts / 0 new
Last post
#1 Sat, 06/07/2014 - 16:22
Ric878

DomainKeys Identified Mail - Possible issue/bug "warning: connect to Milter service inet:localhost:8891: Connection refused"

Hi,

I have recently setup a few servers and installed webmin/virtualmin on them. During this process I took a dive into getting my own email server online on one of my VPS accounts and encountered some issues. I'm not sure if I discovered a bug or I am simply not configuring my services correctly. Here are the symptoms:

Upon getting my email server online using Ubuntu 12.04 I perform a few basic tests. Send an email from the email server to my gmail account and then respond to that same email to confirm incoming out outbound email delivery. At this point everything works great. I then try to setup DomainKeys Identified Mail. I enter the following options:

Signing of outgoing mail enabled? Yes Selector for DKIM record name 2014 Reject incoming email with invalid DKIM signature No Size of DKIM key 2048

Once I submit the form it generates my key and adds the appropriate entry into my DNS zones. The issue is that outgoing email never gets signed and when viewing the log I can see the following error:

"warning: connect to Milter service inet:localhost:8891: Connection refused"

This message gets repeated every couple of minutes or so. Now the strange thing is that in an attempt to resolve this issue I tried a few different things but what ultimately worked was the following:

edit the /etc/opendkim.conf change the following from Socket inet:8891@localhost to Socket inet:8891@127.0.0.1

also edit /etc/postfix/main.cf change the following from smtpd_milters = inet:localhost:8891 non_smtpd_milters = inet:localhost:8891 to smtpd_milters = inet:127.0.0.1:8891 non_smtpd_milters = inet:127.0.0.1:8891

Once these changes are made outgoing emails get properly signed with a DKIM signature. Furthermore I can reproduce the error by changing the entries back to say localhost instead of 127.0.0.1 I have had the same results on Ubuntu 12.04 and Debian 7. Did not experience this on Centos 6. Problem is that if you make those changes the Virtualmin configuration page no longer recognizes that the service is running and any attempt to make changes and regenerate the key and enable the service through the web gui results in the localhost entry being added back which in turn brings the error back.

One more note, I am able to ping local host and get back a response from 127.0.01. I will concede that I am not well versed enough at configuring postfix to know if I simply have an incorrect configuration or not. Any insight into the issue would be helpful.

Thanks, Ricardo

Mon, 06/09/2014 - 11:15
andreychek

Howdy,

Is there a "localhost" entry in /etc/hosts?

Not having one in there, or if it is incorrect, might cause the problem that you're describing.

-Eric

Mon, 06/09/2014 - 11:28 (Reply to #2)
Ric878

Hi,

Thanks for the response. My hosts file has the following entry:

127.0.0.1 localhost.localdomain localhost

Fri, 06/19/2015 - 03:25 (Reply to #3)
dmitrijev

I've had exactly the same issue with openDKIM on CeonOS 7:

postfix/smtpd[26431]: warning: connect to Milter service inet:localhost:8891: Connection refused

Then I've added: 127.0.0.1 localhost.localdomain localhost to /etc/hosts and it solved the problem.

Thank you

Wed, 03/22/2017 - 16:27
pkoipas78

Hello,

I have the same problem, the emails sent are not signed DKIM and in my logs I have this : Mar 22 22:20:27 nsxxxx postfix/smtpd[2824]: warning: connect to Milter service inet:localhost:8891: Connection refused

I have Debian Linux 8.7, Webmin 1.831 and Virtualmin 5.07

I do not understand what to do, I tried everything, thank you for helping me

Thank you

Thu, 03/23/2017 - 13:44
pkoipas78

It is solved, my firewall blocked at localhost level :-)