Hi John, Thanks for the reply. With some testing, I've discovered that our MTA is changing the Content-Type header as well as changing the encoding of the message when delivering to an external address (although not for local recipients).. so the problem is on our end, not Google's.
Cheers, Andrew John R. Levine wrote, On 11-09-06 02:24 PM: >> Since we're not modifying any of the signed headers, nor the body of the >> message, why would Google be rejecting the message for not being >> authenticated? >> >> Before I replied to Google again, I wanted to get a better understanding >> of what's going on. Am I correct in my understanding of how this should >> be working? Please let me know if you need more details. > > Your understanding is correct. If you're not modifying the message, the > signature should be OK. > > The three obvious possibilities is that Facebook's signatures are > broken, that something on your system is making changes that it > shouldn't, or that something at Google is broken. My guess would be the > third (overeager anti-phish filters.) > > Can you snag copies of some of the mail as it's forwarded, so you can > check the signatures on the mail as you received it? > > Regards, > John Levine, [email protected], Primary Perpetrator of "The Internet for > Dummies", > Please consider the environment before reading this e-mail. http://jl.ly _______________________________________________ dkim-ops mailing list [email protected] http://mipassoc.org/mailman/listinfo/dkim-ops
