I have been trying to get DKIM signing to work with the latest master.
I have DKIM on my other environment. But I'm having problems with gmail
flagging everything I send as spam. So I figured this would be a good
opportunity, starting from scratch on a new installation, to try to
figure out why gmail hates me.
I found documentation from 2017 on how to configure a james dkim mailet
signature template. It recommends:
<signatureTemplate>v=1; s=selector; d=<myDomain>;
h=from:to:received:received; a=rsa-sha256; bh=; b=;</signatureTemplate>
I used that as my template. I could not get it to work. Mail-Tester.com
said I had an invalid signature as did SpamAssassin when I sent mail to
my other installation. I tried the forceCRLF both true and false.
Still invalid. I went to an email sent FROM gmail and copied its template:
<signatureTemplate>v=1; s=selector; d=<myDomain>; c=relaxed/relaxed;
h=mime-version:from:date:message-id:subject:to:cc; a=rsa-sha256; bh=;
b=;</signatureTemplate>
This template succeeds with mail-tester and spamassassin. The gmail
template has the c= and a different h=. I'm obviously going to stick
with the one that works. But why was the template recommended in the
james doc not working? I know it's 3 years old. But it was the latest
I could find. Is there newer documentation? Is there a still-better
template that I should be using?
Thx
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
