On 2011-03-05 at 13:13 -0600, René Berber wrote: > > deny message = DKIM: Message with invalid/missing signature > > sender_domains = gmail.com:paypal.com:ebay.com:$dkim_signers > > dkim_status = none:invalid:fail
> Simple, isn't it? > > But all gmail messages are being rejected and I see contradictory log > entries. > > In exim_main.log: > > > 2011-03-05 13:05:06 1Pvwmo-0007Mi-11 DKIM: d=gmail.com s=gamma > > c=relaxed/relaxed a=rsa-sha256 [verification succeeded] > > 2011-03-05 13:05:06 1Pvwmo-0007Mi-11 H=mail-gw0-f54.google.com > > [74.125.83.54] rejected DKIM : DKIM: Message with invalid/missing signature > > How did verification succeed and then my rule rejected the message? How about if you add to the deny: log_message = DKIM: $dkim_cur_signer / $dkim_domain / $dkim_key_testing / $dkim_verify_status / $dkim_verify_reason Do you get something more useful out of $dkim_verify_reason ? -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/