Tag Archives: #amavisd-new

Amavis’ BDB suicidal after power outages

I’ve had a few power outages in a row this morning, and the mail server rebooted, too. The FFS reported no major problems, but amavisd failed to start, with the following in the /var/log/maillog:

Sep 18 18:34:11 continuum amavis[17028]: (!!)TROUBLE in pre_loop_hook: db_init: BDB no dbN: __fop_file_setup:  Retry limit (100) exceeded, File exists. at (eval 103) line 322.
Sep 18 18:34:11 continuum amavis[17028]: (!)_DIE: Suicide () TROUBLE in pre_loop_hook: db_init: BDB no dbN: __fop_file_setup:  Retry limit (100) exceeded, File exists. at (eval 103) line 322.

The data in BDBs was corrupted although the file system didn’t report that! Moving the /var/amavais/db/* into another directory, and restarting postfix and amavis solved the problem, though.

DKIM and amavisd-new problems

Creating DKIM keys and using them with amavisd should be straightforward. However, I managed to complicate it, because I failed to notice that amavisd for OpenBSD came with p5-Mail-DKIM module, and so I installed dkim-milter.

Running both in parallel started leaving double dkim flags entries in my mail log, and got me totally confused, ultimately because I used amavisd to generate certificate, and then used the cert for both amavisd and dkim-milter. On top of the confusion, one of them, dkim-milter, wouldn’t recognise the signatures, and the other, p5-Mail-DKIM, wasn’t able to read the key; nevertheless, both happily worked in parallel, former being called by main.cf, and latter by amavisd-new.

When I figured what was I doing and choosing to sort this mess, I turned off dkim-milter, and decided to use the amavisd-new module. The problem that remained was that amavisd would show the certs for virtual domains, but asked to test them, it would reply with:

# amavisd testkeys
TESTING#1: mail._domainkey.domain1.org    => invalid (public key: Can’t locate object method “new_public_key” via package “Crypt::OpenSSL::RSA” at /usr/local/libdata/perl5/site_perl/Mail/DKIM/PublicKey.pm line 351.)
TESTING#2: mail._domainkey.domain2.com => invalid (public key: Can’t locate object method “new_public_key” via package “Crypt::OpenSSL::RSA” at /usr/local/libdata/perl5/site_perl/Mail/DKIM/PublicKey.pm line 351.)

Backup the  /usr/local/libdata/perl5/site_perl/amd64-openbsd/Crypt/OpenSSL/RSA.pm file, and change line:

require AutoLoader;

with line:

use AutoLoader ‘AUTOLOAD’;

After that, the p5-Mail-DKIM module should work just fine, and testing keys should be alright now:

# amavisd testkeys
TESTING#1: mail._domainkey.domain1.org    => pass
TESTING#2: mail._domainkey.domain2.com => pass

Restart amavisd-new and postfix, and there should be no more double or erroneous entries in the mail log. The implications of the change of the perl file are described in the bug 84444.