[exim] Exim DKIM: exim<->Exim verifies but not on Gmail or Office 365

Thu, 03 May 2018 10:36:22 -0700 

Hi I have exim configured to sign mail from a domain.  It does this and passing 
through another Exim server that other server verifies the signature,but, Gmail 
and Office 365 fail it.  I am using 2048 bit keys all are well published in the 
DNS.  Port 25 reports that the signature check fails,  It finds the keys 
correctly.  This is with exim  version 4.90_1 #2 built 14-Mar-2018 08:32:15 
from EPEL on Redhat 7.3.  The transport config is correctly picking the key 
from a table and signing the message.  Port25 reports as below is there some 
other config I need to do.  I have even cutdown the signed headers to


dkim_sign_headers = From:Date:Subject:Message-ID:Content-Type:MIME-Version


to try and avoid problems with headers being mangled.  No amount og googeling 
solves this.


:




----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result:         fail (signature doesn't verify)
ID(s) verified:

Canonicalized Headers:
    message-id:[email protected]'0D''0A'
    date:Thu,'20'3'20'May'20'2018'20'16:15:50'20'+0000'0D''0A'
    subject:DKIM'20'Test'20'4'0D''0A'
    from:[email protected]'0D''0A'
    
dkim-signature:v=1;'20'a=rsa-sha256;'20'q=dns/txt;'20'c=relaxed/relaxed;'20'd=naln.ac.uk;'20's=537-1525350337-pub.mailrelay;'20'h=Message-id:Date:subject:From:Content-Type:'20'MIME-Version;'20'bh=pZvvKsjXAM/6uncB9f5zyvKqs9c+J7vZeZgqFM0pduk=;'20'b=;

Canonicalized Body:
    TEST'20'MAIL'0D''0A'
    Subject:'20'DKIM'20'Test'20'4'0D''0A'
    ----'20'Diagnostic'20'----'0D''0A'
    HOST=sllv-mr04.arts.local'0D''0A'
    PORT=smtp'0D''0A'
    [email protected]'0D''0A'
    [email protected]'0D''0A'
    SUBJECT=DKIM'20'Test'20'4'0D''0A'
    HOSTNAME=sllv-mr03.arts.local'0D''0A'
    [email protected]'0D''0A'


DNS record(s):
    537-1525350337-pub.mailrelay._domainkey.naln.ac.uk. 60 IN TXT 
"v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmV+yM4c/LE4RWwPhXGBotF7AchoNvWsgiJgxUCIGb7CVWbiQFDw0Qthd5jesidVVR1y9YCndHYJWhipHjVrO/5ks5UlAY8ZGbiPAe21yxIfZ4c90C8Pzbf81DhuJChP7MWjjwJEt8b91GQaEKNGcF5psoIbIudkKfzDtShnOdl/uV43ITZslu3wSKoYFS2P+2a4UyBPYQvkhcI/YWEcqYRBfIz3E8AUT+YEH2QquEyZbnrr11baGalIUT8E0eM/pEvUDroquioJSSlvclINhIYs3w8pski7Qv2zZsfFNcKTEfzaqBXwelwwVnDSpPO+uWvhaWmJqISBl7axBnwbmTQIDAQAB"

Public key used for verification: 
537-1525350337-pub.mailrelay._domainkey.naln.ac.uk (2048 bits)

NOTE: DKIM checking has been performed based on the latest DKIM specs (RFC 4871 
or draft-ietf-dkim-base-10) and verification may fail for older versions.  If 
you are using Port25's PowerMTA, you need to use version 3.2r11 or later to get 
a compatible version of DKIM.


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to