Hi, I have been experimenting with Exim's experimental DKIM support (v4.69), and now I have run into something that I can't explain.
Verification of DKIM signed mail works, at least for mail that I sent and signed myself: Authenticaton-Results: post.dev-zero.nl; dkim=good [email protected] Now, I have a Gmail account set up to forward mail to my personal mailbox, and when I send a signed mail there, Google checks my signature, and finds it OK: Authenticaton-Results: mx.google.com; spf=neutral (...) [email protected]; dkim=pass [email protected] but when my own Exim server receives the mail back from Google, the DKIM signature is found bad: Authenticaton-Results: post.dev-zero.nl; dkim=bad [email protected] The only reason I can think of why this would happen, is if Google changed the message somehow before forwarding it, but I can't find any evidence that they did, at least not the body, or any of the signed headers (h=Message-ID:Date:From:MIME-Version:To:Subject:Content-Type). I have in the DATA ACL: warn message = Authentication-Results: $primary_hostname; \ dkim=${lookup dkim{DKIM_DOMAIN}} header...@dkim_domain log_message = DKIM results for DKIM_DOMAIN: ${lookup dkim{DKIM_DOMAIN}} !condition = ${if eq{${lookup dkim{DKIM_DOMAIN}}}{unsigned} } Any idea why this happens? Thanks, Martijn.
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
