On 08.05.25 15:06, Ken Biggs via Postfix-users wrote:
OpenDKIM is failing signature verification on most incoming emails. Out of
1,146 incoming emails, 173 have been successfully verified and 973 have
"bad signature data". The failing emails include email from google,
amazon, sailthru, and many other reasonably technically capable firms
that I would expect to verify successfully. I have tested DNS lookups and
have found no issues with querying for the DKIM record. I have researched
for hours trying to find something helpful, but the few posts that aren't
specifically dealing with signing emails don't seem to address the issues
I'm seeing. BTW ... outgoing emails are signed properly and passing DKIM
validation.
I'm running:
Rocky Linux release 9.5
Postfix 3.5.25
OpenDKIM 2.11.0-0.34
OpenDMARC 1.4.2-22
SpamAssassin 3.4.6-5
main.cf has the following milter declarations:
milter_default_action = accept
milter_protocol = 6
smtpd_milters =
inet:127.0.0.1:8891,inet:127.0.0.1:8893,unix:/run/spamass-milter/spamass-milter.sock
non_smtpd_milters = $smtpd_milters
master.cf has:
policyd-spf unix - n n - 0 spawn
user=policyd-spf argv=/usr/libexec/postfix/policyd-sp
I currently have opendmarc config RejectFailures set to false due to this
issue. I would like to set it back to true.
is your server behind a content filter?
Don't you use smtp proxy by any chance?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
WinError #99999: Out of error messages.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
