message headers say dkim = fail, stats say = PASSED. why the conflict, and how to fix?Emails is marked as...
How can I have x-axis ticks that show ticks scaled in powers of ten?
Unfamiliar notation in Diabelli's "Duet in D" for piano
Is the differential, dp, exact or not?
How to write a chaotic neutral protagonist and prevent my readers from thinking they are evil?
Can I challenge the interviewer to give me a proper technical feedback?
A vote on the Brexit backstop
School performs periodic password audits. Is my password compromised?
Help! My Character is too much for her story!
An Undercover Army
Vector-transposing function
Where is the License file location for Identity Server in Sitecore 9.1?
Why do we say 'Pairwise Disjoint', rather than 'Disjoint'?
Tabular environment - text vertically positions itself by bottom of tikz picture in adjacent cell
How does learning spells work when leveling a multiclass character?
Why would /etc/passwd be used every time someone executes `ls -l` command?
Giving a talk in my old university, how prominently should I tell students my salary?
Should I file my taxes? No income, unemployed, but paid 2k in student loan interest
Short story about cities being connected by a conveyor belt
Are small insurances worth it?
What is the orbit and expected lifetime of Crew Dragon trunk?
Is there a math expression equivalent to the conditional ternary operator?
Issue with units for a rocket nozzle throat area problem
Who has more? Ireland or Iceland?
Professor forcing me to attend a conference, I can't afford even with 50% funding
message headers say dkim = fail, stats say = PASSED. why the conflict, and how to fix?
Emails is marked as spamEmails are going to spamGMail suspects confirmation email in stealing personal informationSPF and DKIM help: Do the FAIL reports from DMARC indicate an issue?SPF, DKIM, DMARC, DomainKeys OK, emails flagged as SPAMCannot send mail to postfix mail serverDKIM FAIL with domain null after passed through relayWhy is my email being marked SPAM by gmail?DKIM Errors with gmail - dkim=neutral (no key) and other issuesOpenDKIM-Bad signature issue for all incoming email
In some-not-all received emails -- notably ONLY those sent via 'bulk' services -- I get a DKIM fail: "signature verification failed". Here's one example:
Received message headers
DKIM-Filter: OpenDKIM Filter v2.10.3 mail.example.com 3rfbq51KBTz2xF0
Authentication-Results: dkim.example.com/3rfbq51KBTz2xF0;
dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=proxyvote.com header.i=@proxyvote.com header.b=XjB07H1q
But checking in ' dkim-stats', it says "PASSED"
opendkim-stats dkim-stats
Job 3rfbq51KBTz2xF0 at edge (size 12124)
received via 127.0.0.1 at Wed Jun 29 01:45:37 2016
from domain = 'proxyvote.com'
Signature 1 from proxyvote.com
PASSED
signed bytes: (whole message)
Signature properties:
Key properties:
DNSSEC status: INSECURE
Here's the accompanying dump for that message
cat dkim.3rfbq51KBTz2xF0.4dDfiv
Date: Wed, 29 Jun 2016 03:10:40 -0400
From: "PROXYVOTE" <id@proxyvote.com>
To: USER@EXAMPLE.COM
Subject: Semi-Annual Report
message-id: <$A94546_1_519687362154ADDC_0154651$495132454@adp-ics.com>
Reply-To: "PROXYVOTE" <ProxyMaster@proxyvote.com>
MIME-Version: 1.0
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
d=proxyvote.com; i=@proxyvote.com; q=dns/txt;
s=edppsuirna01; t=1467189937; x=1498725937;
h=date:from:to:subject:message-id:reply-to:mime-version;
bh=H5lkhcTIjxd0B3N4Kdj314qELLpSKZvAAtPAS+XcM1A=;
Why do I get both 'fail' AND 'pass', and what do I need to do to fix this?
email authentication dkim dmarc opendkim
asked Jul 5 '16 at 13:38
JasonJason
63
bumped to the homepage by Community♦ 1 min ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
In some-not-all received emails -- notably ONLY those sent via 'bulk' services -- I get a DKIM fail: "signature verification failed". Here's one example:
Received message headers
DKIM-Filter: OpenDKIM Filter v2.10.3 mail.example.com 3rfbq51KBTz2xF0
Authentication-Results: dkim.example.com/3rfbq51KBTz2xF0;
dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=proxyvote.com header.i=@proxyvote.com header.b=XjB07H1q
But checking in ' dkim-stats', it says "PASSED"
opendkim-stats dkim-stats
Job 3rfbq51KBTz2xF0 at edge (size 12124)
received via 127.0.0.1 at Wed Jun 29 01:45:37 2016
from domain = 'proxyvote.com'
Signature 1 from proxyvote.com
PASSED
signed bytes: (whole message)
Signature properties:
Key properties:
DNSSEC status: INSECURE
Here's the accompanying dump for that message
cat dkim.3rfbq51KBTz2xF0.4dDfiv
Date: Wed, 29 Jun 2016 03:10:40 -0400
From: "PROXYVOTE" <id@proxyvote.com>
To: USER@EXAMPLE.COM
Subject: Semi-Annual Report
message-id: <$A94546_1_519687362154ADDC_0154651$495132454@adp-ics.com>
Reply-To: "PROXYVOTE" <ProxyMaster@proxyvote.com>
MIME-Version: 1.0
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
d=proxyvote.com; i=@proxyvote.com; q=dns/txt;
s=edppsuirna01; t=1467189937; x=1498725937;
h=date:from:to:subject:message-id:reply-to:mime-version;
bh=H5lkhcTIjxd0B3N4Kdj314qELLpSKZvAAtPAS+XcM1A=;
Why do I get both 'fail' AND 'pass', and what do I need to do to fix this?
email authentication dkim dmarc opendkim
asked Jul 5 '16 at 13:38
JasonJason
63
bumped to the homepage by Community♦ 1 min ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
In some-not-all received emails -- notably ONLY those sent via 'bulk' services -- I get a DKIM fail: "signature verification failed". Here's one example:
Received message headers
DKIM-Filter: OpenDKIM Filter v2.10.3 mail.example.com 3rfbq51KBTz2xF0
Authentication-Results: dkim.example.com/3rfbq51KBTz2xF0;
dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=proxyvote.com header.i=@proxyvote.com header.b=XjB07H1q
But checking in ' dkim-stats', it says "PASSED"
opendkim-stats dkim-stats
Job 3rfbq51KBTz2xF0 at edge (size 12124)
received via 127.0.0.1 at Wed Jun 29 01:45:37 2016
from domain = 'proxyvote.com'
Signature 1 from proxyvote.com
PASSED
signed bytes: (whole message)
Signature properties:
Key properties:
DNSSEC status: INSECURE
Here's the accompanying dump for that message
cat dkim.3rfbq51KBTz2xF0.4dDfiv
Date: Wed, 29 Jun 2016 03:10:40 -0400
From: "PROXYVOTE" <id@proxyvote.com>
To: USER@EXAMPLE.COM
Subject: Semi-Annual Report
message-id: <$A94546_1_519687362154ADDC_0154651$495132454@adp-ics.com>
Reply-To: "PROXYVOTE" <ProxyMaster@proxyvote.com>
MIME-Version: 1.0
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
d=proxyvote.com; i=@proxyvote.com; q=dns/txt;
s=edppsuirna01; t=1467189937; x=1498725937;
h=date:from:to:subject:message-id:reply-to:mime-version;
bh=H5lkhcTIjxd0B3N4Kdj314qELLpSKZvAAtPAS+XcM1A=;
Why do I get both 'fail' AND 'pass', and what do I need to do to fix this?
email authentication dkim dmarc opendkim
asked Jul 5 '16 at 13:38
JasonJason
63
In some-not-all received emails -- notably ONLY those sent via 'bulk' services -- I get a DKIM fail: "signature verification failed". Here's one example:
Received message headers
DKIM-Filter: OpenDKIM Filter v2.10.3 mail.example.com 3rfbq51KBTz2xF0
Authentication-Results: dkim.example.com/3rfbq51KBTz2xF0;
dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=proxyvote.com header.i=@proxyvote.com header.b=XjB07H1q
But checking in ' dkim-stats', it says "PASSED"
opendkim-stats dkim-stats
Job 3rfbq51KBTz2xF0 at edge (size 12124)
received via 127.0.0.1 at Wed Jun 29 01:45:37 2016
from domain = 'proxyvote.com'
Signature 1 from proxyvote.com
PASSED
signed bytes: (whole message)
Signature properties:
Key properties:
DNSSEC status: INSECURE
Here's the accompanying dump for that message
cat dkim.3rfbq51KBTz2xF0.4dDfiv
Date: Wed, 29 Jun 2016 03:10:40 -0400
From: "PROXYVOTE" <id@proxyvote.com>
To: USER@EXAMPLE.COM
Subject: Semi-Annual Report
message-id: <$A94546_1_519687362154ADDC_0154651$495132454@adp-ics.com>
Reply-To: "PROXYVOTE" <ProxyMaster@proxyvote.com>
MIME-Version: 1.0
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
d=proxyvote.com; i=@proxyvote.com; q=dns/txt;
s=edppsuirna01; t=1467189937; x=1498725937;
h=date:from:to:subject:message-id:reply-to:mime-version;
bh=H5lkhcTIjxd0B3N4Kdj314qELLpSKZvAAtPAS+XcM1A=;
Why do I get both 'fail' AND 'pass', and what do I need to do to fix this?
email authentication dkim dmarc opendkim
email authentication dkim dmarc opendkim
asked Jul 5 '16 at 13:38
JasonJason
63
asked Jul 5 '16 at 13:38
JasonJason
63
asked Jul 5 '16 at 13:38
JasonJason
63
asked Jul 5 '16 at 13:38
JasonJason
63
asked Jul 5 '16 at 13:38
JasonJason
63
63
bumped to the homepage by Community♦ 1 min ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
bumped to the homepage by Community♦ 1 min ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
Jason, is it possible for you to change the c=simple/simple to c=relaxedrelaxed? I seen a lot of times where different DKIM Validators struggle with the whitespace folding. You say it's only failing with "Bulk", so that tells me you are sending this out through some SMTP Service, which makes me more inclined to believe the headers are being rewritten and the whitespace folding of simple/simple is the culprit. You can also run Mail Test on it, which will test it with 4 different DKIM validator - If it fails all four. It's probably what's going on, when you send through that bulk service.
Updated Section Below
Since your receiving the email, you can still re-process it and check the DKIM with another validator. This is what I do for sanity checks when I think my email server might be processing DKIM wrong. I'm using Limilabs Mail.dll to do handle the sending of the EML, but you can use whatever you want, in whatever programming language you're familiar with. DKIM stays intact and you'll be able to validate it against other DKIM Validators using online auto-responders.
Dim email As IMail
Dim mb As New Limilabs.Mail.MailBuilder
Dim smtpMail As SmtpMail = SmtpMail.CreateFromEmlFile("D:ValidateDKIMBadDKIM.eml")
email = mb.CreateFromEml(smtpMail.RawEmlData)
Using client As New Smtp()
client.ConnectSSL("mailserver", 465)
client.Login("mailserver", "password")
Dim stream As System.Net.Security.SslStream = client.ReadStream()
Dim reader As IO.StreamReader = New IO.StreamReader(stream)
client.SendMessage(New SmtpMail("Mail Check", { "mailtest@unlocktheinbox.com","check-auth@verifier.port25.com"}, smtpMail.RawEmlData))
client.Close()
End Using
answered Jul 6 '16 at 17:27
HenryHenry
7351414
I am not sending this email, I'm receiving it. My server's checking it its authentication. I have no control over "c=", nor can I run 'Mail Test' on it. Mails that I send with my setup have no such problems, anywhere.
– Jason
Jul 6 '16 at 21:55
I agree there shouldn't be a mis-match, but I revised my answer to allow you to determine which part of the mis-match is correct or not.
– Henry
Jul 6 '16 at 23:41
One more additional though, just from experience. I once used a mail server that will take in the message, it will pass DKIM, then it will rewrite the message and the DKIM will then Fail, because of the way it handled the line-endings with simple/simple. The mail server was actually altering the message. Food for thought.
– Henry
Jul 6 '16 at 23:51
Good point from @Henry, although even with relaxed/relaxted instead of simple/simple, check continues failing. Commenting out mysmtp_generic_mapsfixed.
– SYN
May 24 '17 at 23:02
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f788017%2fmessage-headers-say-dkim-fail-stats-say-passed-why-the-conflict-and-how-t%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Jason, is it possible for you to change the c=simple/simple to c=relaxedrelaxed? I seen a lot of times where different DKIM Validators struggle with the whitespace folding. You say it's only failing with "Bulk", so that tells me you are sending this out through some SMTP Service, which makes me more inclined to believe the headers are being rewritten and the whitespace folding of simple/simple is the culprit. You can also run Mail Test on it, which will test it with 4 different DKIM validator - If it fails all four. It's probably what's going on, when you send through that bulk service.
Updated Section Below
Since your receiving the email, you can still re-process it and check the DKIM with another validator. This is what I do for sanity checks when I think my email server might be processing DKIM wrong. I'm using Limilabs Mail.dll to do handle the sending of the EML, but you can use whatever you want, in whatever programming language you're familiar with. DKIM stays intact and you'll be able to validate it against other DKIM Validators using online auto-responders.
Dim email As IMail
Dim mb As New Limilabs.Mail.MailBuilder
Dim smtpMail As SmtpMail = SmtpMail.CreateFromEmlFile("D:ValidateDKIMBadDKIM.eml")
email = mb.CreateFromEml(smtpMail.RawEmlData)
Using client As New Smtp()
client.ConnectSSL("mailserver", 465)
client.Login("mailserver", "password")
Dim stream As System.Net.Security.SslStream = client.ReadStream()
Dim reader As IO.StreamReader = New IO.StreamReader(stream)
client.SendMessage(New SmtpMail("Mail Check", { "mailtest@unlocktheinbox.com","check-auth@verifier.port25.com"}, smtpMail.RawEmlData))
client.Close()
End Using
answered Jul 6 '16 at 17:27
HenryHenry
7351414
I am not sending this email, I'm receiving it. My server's checking it its authentication. I have no control over "c=", nor can I run 'Mail Test' on it. Mails that I send with my setup have no such problems, anywhere.
– Jason
Jul 6 '16 at 21:55
I agree there shouldn't be a mis-match, but I revised my answer to allow you to determine which part of the mis-match is correct or not.
– Henry
Jul 6 '16 at 23:41
One more additional though, just from experience. I once used a mail server that will take in the message, it will pass DKIM, then it will rewrite the message and the DKIM will then Fail, because of the way it handled the line-endings with simple/simple. The mail server was actually altering the message. Food for thought.
– Henry
Jul 6 '16 at 23:51
Good point from @Henry, although even with relaxed/relaxted instead of simple/simple, check continues failing. Commenting out mysmtp_generic_mapsfixed.
– SYN
May 24 '17 at 23:02
add a comment |
Jason, is it possible for you to change the c=simple/simple to c=relaxedrelaxed? I seen a lot of times where different DKIM Validators struggle with the whitespace folding. You say it's only failing with "Bulk", so that tells me you are sending this out through some SMTP Service, which makes me more inclined to believe the headers are being rewritten and the whitespace folding of simple/simple is the culprit. You can also run Mail Test on it, which will test it with 4 different DKIM validator - If it fails all four. It's probably what's going on, when you send through that bulk service.
Updated Section Below
Since your receiving the email, you can still re-process it and check the DKIM with another validator. This is what I do for sanity checks when I think my email server might be processing DKIM wrong. I'm using Limilabs Mail.dll to do handle the sending of the EML, but you can use whatever you want, in whatever programming language you're familiar with. DKIM stays intact and you'll be able to validate it against other DKIM Validators using online auto-responders.
Dim email As IMail
Dim mb As New Limilabs.Mail.MailBuilder
Dim smtpMail As SmtpMail = SmtpMail.CreateFromEmlFile("D:ValidateDKIMBadDKIM.eml")
email = mb.CreateFromEml(smtpMail.RawEmlData)
Using client As New Smtp()
client.ConnectSSL("mailserver", 465)
client.Login("mailserver", "password")
Dim stream As System.Net.Security.SslStream = client.ReadStream()
Dim reader As IO.StreamReader = New IO.StreamReader(stream)
client.SendMessage(New SmtpMail("Mail Check", { "mailtest@unlocktheinbox.com","check-auth@verifier.port25.com"}, smtpMail.RawEmlData))
client.Close()
End Using
answered Jul 6 '16 at 17:27
HenryHenry
7351414
I am not sending this email, I'm receiving it. My server's checking it its authentication. I have no control over "c=", nor can I run 'Mail Test' on it. Mails that I send with my setup have no such problems, anywhere.
– Jason
Jul 6 '16 at 21:55
I agree there shouldn't be a mis-match, but I revised my answer to allow you to determine which part of the mis-match is correct or not.
– Henry
Jul 6 '16 at 23:41
One more additional though, just from experience. I once used a mail server that will take in the message, it will pass DKIM, then it will rewrite the message and the DKIM will then Fail, because of the way it handled the line-endings with simple/simple. The mail server was actually altering the message. Food for thought.
– Henry
Jul 6 '16 at 23:51
Good point from @Henry, although even with relaxed/relaxted instead of simple/simple, check continues failing. Commenting out mysmtp_generic_mapsfixed.
– SYN
May 24 '17 at 23:02
add a comment |
Jason, is it possible for you to change the c=simple/simple to c=relaxedrelaxed? I seen a lot of times where different DKIM Validators struggle with the whitespace folding. You say it's only failing with "Bulk", so that tells me you are sending this out through some SMTP Service, which makes me more inclined to believe the headers are being rewritten and the whitespace folding of simple/simple is the culprit. You can also run Mail Test on it, which will test it with 4 different DKIM validator - If it fails all four. It's probably what's going on, when you send through that bulk service.
Updated Section Below
Since your receiving the email, you can still re-process it and check the DKIM with another validator. This is what I do for sanity checks when I think my email server might be processing DKIM wrong. I'm using Limilabs Mail.dll to do handle the sending of the EML, but you can use whatever you want, in whatever programming language you're familiar with. DKIM stays intact and you'll be able to validate it against other DKIM Validators using online auto-responders.
Dim email As IMail
Dim mb As New Limilabs.Mail.MailBuilder
Dim smtpMail As SmtpMail = SmtpMail.CreateFromEmlFile("D:ValidateDKIMBadDKIM.eml")
email = mb.CreateFromEml(smtpMail.RawEmlData)
Using client As New Smtp()
client.ConnectSSL("mailserver", 465)
client.Login("mailserver", "password")
Dim stream As System.Net.Security.SslStream = client.ReadStream()
Dim reader As IO.StreamReader = New IO.StreamReader(stream)
client.SendMessage(New SmtpMail("Mail Check", { "mailtest@unlocktheinbox.com","check-auth@verifier.port25.com"}, smtpMail.RawEmlData))
client.Close()
End Using
answered Jul 6 '16 at 17:27
HenryHenry
7351414
Jason, is it possible for you to change the c=simple/simple to c=relaxedrelaxed? I seen a lot of times where different DKIM Validators struggle with the whitespace folding. You say it's only failing with "Bulk", so that tells me you are sending this out through some SMTP Service, which makes me more inclined to believe the headers are being rewritten and the whitespace folding of simple/simple is the culprit. You can also run Mail Test on it, which will test it with 4 different DKIM validator - If it fails all four. It's probably what's going on, when you send through that bulk service.
Updated Section Below
Since your receiving the email, you can still re-process it and check the DKIM with another validator. This is what I do for sanity checks when I think my email server might be processing DKIM wrong. I'm using Limilabs Mail.dll to do handle the sending of the EML, but you can use whatever you want, in whatever programming language you're familiar with. DKIM stays intact and you'll be able to validate it against other DKIM Validators using online auto-responders.
Dim email As IMail
Dim mb As New Limilabs.Mail.MailBuilder
Dim smtpMail As SmtpMail = SmtpMail.CreateFromEmlFile("D:ValidateDKIMBadDKIM.eml")
email = mb.CreateFromEml(smtpMail.RawEmlData)
Using client As New Smtp()
client.ConnectSSL("mailserver", 465)
client.Login("mailserver", "password")
Dim stream As System.Net.Security.SslStream = client.ReadStream()
Dim reader As IO.StreamReader = New IO.StreamReader(stream)
client.SendMessage(New SmtpMail("Mail Check", { "mailtest@unlocktheinbox.com","check-auth@verifier.port25.com"}, smtpMail.RawEmlData))
client.Close()
End Using
answered Jul 6 '16 at 17:27
HenryHenry
7351414
edited Jul 6 '16 at 23:39
answered Jul 6 '16 at 17:27
HenryHenry
7351414
answered Jul 6 '16 at 17:27
HenryHenry
7351414
answered Jul 6 '16 at 17:27
HenryHenry
7351414
7351414
I am not sending this email, I'm receiving it. My server's checking it its authentication. I have no control over "c=", nor can I run 'Mail Test' on it. Mails that I send with my setup have no such problems, anywhere.
– Jason
Jul 6 '16 at 21:55
I agree there shouldn't be a mis-match, but I revised my answer to allow you to determine which part of the mis-match is correct or not.
– Henry
Jul 6 '16 at 23:41
One more additional though, just from experience. I once used a mail server that will take in the message, it will pass DKIM, then it will rewrite the message and the DKIM will then Fail, because of the way it handled the line-endings with simple/simple. The mail server was actually altering the message. Food for thought.
– Henry
Jul 6 '16 at 23:51
Good point from @Henry, although even with relaxed/relaxted instead of simple/simple, check continues failing. Commenting out mysmtp_generic_mapsfixed.
– SYN
May 24 '17 at 23:02
add a comment |
I am not sending this email, I'm receiving it. My server's checking it its authentication. I have no control over "c=", nor can I run 'Mail Test' on it. Mails that I send with my setup have no such problems, anywhere.
– Jason
Jul 6 '16 at 21:55
I agree there shouldn't be a mis-match, but I revised my answer to allow you to determine which part of the mis-match is correct or not.
– Henry
Jul 6 '16 at 23:41
One more additional though, just from experience. I once used a mail server that will take in the message, it will pass DKIM, then it will rewrite the message and the DKIM will then Fail, because of the way it handled the line-endings with simple/simple. The mail server was actually altering the message. Food for thought.
– Henry
Jul 6 '16 at 23:51
Good point from @Henry, although even with relaxed/relaxted instead of simple/simple, check continues failing. Commenting out mysmtp_generic_mapsfixed.
– SYN
May 24 '17 at 23:02
I am not sending this email, I'm receiving it. My server's checking it its authentication. I have no control over "c=", nor can I run 'Mail Test' on it. Mails that I send with my setup have no such problems, anywhere.
– Jason
Jul 6 '16 at 21:55
I am not sending this email, I'm receiving it. My server's checking it its authentication. I have no control over "c=", nor can I run 'Mail Test' on it. Mails that I send with my setup have no such problems, anywhere.
– Jason
Jul 6 '16 at 21:55
I agree there shouldn't be a mis-match, but I revised my answer to allow you to determine which part of the mis-match is correct or not.
– Henry
Jul 6 '16 at 23:41
I agree there shouldn't be a mis-match, but I revised my answer to allow you to determine which part of the mis-match is correct or not.
– Henry
Jul 6 '16 at 23:41
One more additional though, just from experience. I once used a mail server that will take in the message, it will pass DKIM, then it will rewrite the message and the DKIM will then Fail, because of the way it handled the line-endings with simple/simple. The mail server was actually altering the message. Food for thought.
– Henry
Jul 6 '16 at 23:51
One more additional though, just from experience. I once used a mail server that will take in the message, it will pass DKIM, then it will rewrite the message and the DKIM will then Fail, because of the way it handled the line-endings with simple/simple. The mail server was actually altering the message. Food for thought.
– Henry
Jul 6 '16 at 23:51
Good point from @Henry, although even with relaxed/relaxted instead of simple/simple, check continues failing. Commenting out my
smtp_generic_maps fixed.– SYN
May 24 '17 at 23:02
Good point from @Henry, although even with relaxed/relaxted instead of simple/simple, check continues failing. Commenting out my
smtp_generic_maps fixed.– SYN
May 24 '17 at 23:02
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f788017%2fmessage-headers-say-dkim-fail-stats-say-passed-why-the-conflict-and-how-t%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
