Re: Installing opendkim failure - Umask 002 illegal value

From: Bernardo Vasconcelos <>
Date: Sun, 1 Jun 2014 10:20:03 +0300

Hi, thanks for your reply.

Sorry, incomplete copy paste from putty.
It refers to TrustedHosts file.

My conf file:
## See opendkim.conf(5) or %{_pkgdocdir}/opendkim.conf.sample for more
## BEFORE running OpenDKIM you must:
## - make your MTA (Postfix, Sendmail, etc.) aware of OpenDKIM
## - generate keys for your domain (if signing)
## - edit your DNS records to publish your public keys (if signing)
## See %{_pkgdocdir}/INSTALL for detailed instructions.
# Specifies the path to the process ID file.
PidFile /var/run/opendkim/
# Selects operating modes. Valid modes are s (sign) and v (verify). Default is v.
# Must be changed to s (sign only) or sv (sign and verify) in order to sign outgoing
# messages.
Mode sv
# Log activity to the system log.
Syslog yes
# Log additional entries indicating successful signing or verification of messages.
SyslogSuccess yes
# If logging is enabled, include detailed logging about why or why not a message was
# signed or verified. This causes an increase in the amount of log data generated
# for each message, so set this to No (or comment it out) if it gets too noisy.
#LogWhy yes
# Attempt to become the specified user before starting operations.
UserID opendkim:opendkim
# Create a socket through which your MTA can communicate.
Socket inet:8891_at_127.0.0.1
# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
Umask 002
# This specifies a text file in which to store DKIM transaction statistics.
# OpenDKIM must be manually compiled with --enable-stats to enable this feature.
#Statistics /var/spool/opendkim/stats.dat
# Selects the canonicalization method(s) to be used when signing messages.
Canonicalization relaxed/simple
# Domain(s) whose mail should be signed by this filter. Mail from other domains will
# be verified rather than being signed. Uncomment and use your domain name.
# This parameter is not required if a SigningTable is in use.
# Defines the name of the selector to be used when signing messages.
Selector default
# Specifies the minimum number of key bits for acceptable keys and signatures.
#MinimumKeyBits 1024
# Gives the location of a private key to be used for signing ALL messages. This
# directive is ignored if KeyTable is enabled.
#KeyFile /etc/opendkim/keys/default.private
# Gives the location of a file mapping key names to signing keys. In simple terms,
# this tells OpenDKIM where to find your keys. If present, overrides any KeyFile
# directive in the configuration file. Requires SigningTable be enabled.
KeyTable refile:/etc/opendkim/KeyTable
# Defines a table used to select one or more signatures to apply to a message based
# on the address found in the From: header field. In simple terms, this tells
# OpenDKIM how to use your keys. Requires KeyTable be enabled.
SigningTable refile:/etc/opendkim/SigningTable
# Identifies a set of "external" hosts that may send mail through the server as one
# of the signing domains without credentials as such.
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
# Identifies a set "internal" hosts whose mail should be signed rather than verified.
InternalHosts refile:/etc/opendkim/TrustedHosts

From: Murray S. Kucherawy
Sent: Sunday, June 1, 2014 10:12 AM
To: Bernardo Vasconcelos
Subject: Re: Installing opendkim failure - Umask 002 illegal value

On Sun, 1 Jun 2014, Bernardo Vasconcelos wrote:
> 2- Get the between lines spaces error: ?Starting OpenDKIM Milter: opendkim:
> /etc/opendkim.conf: configuration error at line 6: unrecognized parameter?

Please provide us with what's in your opendkim.conf. I have no idea
what's on your line 6 or 29.

> 4- If i comment this line ?#Umask 002?, i get the error: ?Starting OpenDKIM
> Milter: opendkim: /etc/opendkim.conf: refile:/etc/opendkim/Tru:
> dkimf_db_open(): No such file or directory [FAILED]?.

Looks like your conf file is referring to /etc/opendkim/Tru, which doesn't

Received on Sun Jun 01 2014 - 07:20:29 PST

This archive was generated by hypermail 2.3.0 : Sun Jun 01 2014 - 07:27:00 PST