On 13.10.2019 15:59, Martijn van Duren wrote:
On 10/13/19 1:59 PM, Reio Remma wrote:
Hello!

I finally moved to Rspamd (2.0) on my production server and I'm seeing
lots of failed DKIM checks, specifically dkim=fail (body hash did not
verify).


Authentication-Results: host.domain.com;
      dkim=fail (body hash did not verify) header.d=facebookmail.com
header.s=s1024-2013-q3 header.b=pNWbKJUd;
      dmarc=pass (policy=reject) header.from=facebookmail.com;
      spf=pass (host.domain.com: domain of notificat...@facebookmail.com
designates 66.220.144.215 as permitted sender)
smtp.mailfrom=notificat...@facebookmail.com

My current stab-in-the-dark theory is that there might be something
going on with line endings when mails are fed to Rspamd.

Any better theories? :)
It's a known issue that mails that don't end on \r\n (both \r\r\n and
\n) cause issues. There's efforts going on to see how we can remedy
this, but in the mean time tell your senders that they should fix their
mails (RFC5321):
    In addition, the appearance of "bare" "CR" or "LF" characters in text
    (i.e., either without the other) has a long history of causing
    problems in mail implementations and applications that use the mail
    system as a tool.  SMTP client implementations MUST NOT transmit
    these characters except when they are intended as line terminators
    and then MUST, as indicated above, transmit them only as a <CRLF>
    sequence.

I'm not sure Facebook will listen to me! :)

Reio

Reply via email to