We’ve had to disable greylisting on our mail server, because ever since the latest round of security updates we loaded over the weekend, every dkim-using host in the world fails key retrieval at milter-greylist, and we don’t get mail from google or twitter or yahoo or much of anybody large anymore.

And there’s no way to just disable dkim check in milter-greylist.

Anybody have any idea what the fuck might have happened? Searching online finds me exactly nothing. Here’s a sample – every transaction involving DKIM-signed mail fails, every time, and it started at the weekend round of security patches:

Jan 25 23:31:25 newmoon sm-mta[978]: u0Q7VOMi000978: from=<ZZZZZZZZ@gmail.com>, size=2334, class=0, nrcpts=1, msgid=<CAAsYJfyDCB0w3uKXjie-uXF_Xskt524MuKU4=HHckYMkeDKZQg@mail.gmail.com>, proto=ESMTP, daemon=MTA, relay=mail-pf0-f179.google.com []
Jan 25 23:31:25 newmoon milter-greylist: DKIM failed: Key retrieval failed
Jan 25 23:31:25 newmoon sm-mta[978]: u0Q7VOMi000978: Milter: data, reject=451 4.3.2 Please try again later
Jan 25 23:31:25 newmoon sm-mta[978]: u0Q7VOMi000978: to=<YYYYYYYY@murkworks.net>, delay=00:00:00, pri=32334, stat=Please try again later