1

Topic: Problem with Cisco ASA version 7.2(2) and DKIM

When dkim signing is enabled, Cisco ASA can not relay mail to other smtp server. You should find something like that in /var/log/maillog :
.........@gmail.com>, relay=alt1.gmail-smtp-in.l.google.com[209.85.218.15]:25, delay=1.9, delays=0.03/0.03/1.4/0.45, dsn=4.4.2, status=deferred (lost connection with alt1.gmail-smtp-in.l.google.com[209.85.218.15] while sending end of data -- message may be sent more than once)

When dkim signing is disbled in /etc/amavisd.conf :
---
$enable_dkim_verification = 0;  # enable DKIM signatures verification
$enable_dkim_signing = 0;    # load DKIM signing code, keys defined by dkim_key
---
Everything works fine :
@gmail.com>, relay=gmail-smtp-in.l.google.com[209.85.220.28]:25, delay=0.68, delays=0.02/0.05/0.1/0.51, dsn=2.0.0, status=sent (250 2.0.0 OK 1252423104 4si308461fxm.6)

There's probably something to do on Cisco ASA (on Cisco pix, it was something like 'no fixup smtp'), but I don't know what.

Any Idea ???

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Problem with Cisco ASA version 7.2(2) and DKIM

I've find a solution : Upgrade ASA firmware http://www.arschkrebs.de/postfix/postfi … bugs.shtml
Any other idea is welcome ...

3

Re: Problem with Cisco ASA version 7.2(2) and DKIM

Thanks for your sharing smile

4

Re: Problem with Cisco ASA version 7.2(2) and DKIM

another issue on cisco ASA :

en
conf t
no fixup protocol smtp 25
ex
wr mem

It also works in my case with this kind of log in maillog :
lost connection after DATA