>> Can you get that message out of your mail spool somehow and see if that >> looks like what happened? > > Yes, I will see about that, I'm sure that would be helpful. > > I tried to create one of these bounce messages myself, but it seems > I'd need a recipient domain that would accept-then-bounce my message, > otherwise it will get properly rejected during the SMTP transaction on > our outbound which doesn't produce the same results. >
I found it. It's a bounce message from a Domino MTA. It looks like it does an accept-then-bounce but kept adding to the existing header set (Received: from me; <bounce>; Received: from them) and of course, re-wrote the message body to indicate that it was an undeliverable... which causes the DKIM signature we added in the original outbound message to explode upon re-entry to our system. It looks like this might be an unavoidable interoperability issue with the Domino MTA where it should be stripping the DKIM signature and generating a new message with a fresh message ID when producing the bounce, instead of just passing it back to me with it's headers intact but body severely altered to indicate the bounce. ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
