Opendmarc connection refused for milter

Question

Debian stretch. Postfix + dkim + dmarc.

Opendmarc is not working. I'm getting:

 Nov 26 10:36:07 mail postfix/smtpd[30012]: warning: connect to Milter service inet:localhost:8893: Connection refused

Relevant configs:

/etc/default/opendmarc

 7 RUNDIR=/var/run/opendmarc
 16 SOCKET=inet:8893@localhost
 19 USER=opendmarc
 20 GROUP=opendmarc
 21 PIDFILE=$RUNDIR/$NAME.pid
 22 EXTRAAFTER=

/etc/opendmarc.conf

 58 UMask 0002
 59 
 60 ##  UserID user[:group]
 61 ##      default (none)
 62 ##
 63 ##  Attempts to become the specified userid before starting operations.
 64 ##  The process will be assigned all of the groups and primary group ID of
 65 ##  the named userid unless an alternate group is specified.
 66 #
 67 UserID opendmarc:opendmarc
 68 Socket inet:8893@localhost

(I've also tried with umask 007)

/etc/postfix/main.cf

 85 milter_default_action = accept
 86 #milter_protocal = 2
 87 smtpd_milters = inet:localhost:8891 inet:localhost:8893
 88 non_smtpd_milters = inet:localhost:8891 inet:localhost:8893 

This is the log entry upon startup:

 Nov 26 10:44:04 mail opendmarc[30162]: OpenDMARC Filter v1.3.2 starting (args: -p local:/var/run/opendmarc/opendmarc.sock -u opendmarc -P /var/run/opendmarc/opendmarc.pid)
 Nov 26 10:44:04 mail opendmarc[30162]: additional trusted authentication services: mail.lancasterfungus.com

The port is never created, no listing in netstat.

Answer 1

I'm still waiting for someone from the mailing list to explain why this happened.

The /list/systemd/system/opendmarc.service file was hardcoded with the -f option and it was set to a local socket for some reason.

Two options to fix. Either add -c /path/to/opendmarc.conf and remove the -p, or simply change to -p inet:port@server