DKIM broken since today

Bugs in eFa 4
Post Reply
gregecslo
Posts: 65
Joined: 09 Sep 2018 17:55

DKIM broken since today

Post by gregecslo »

Hi all.

So I had my dkim working just fine until today...

For some reason, mail sent from my account from Outlook client and with image pasted in email results in body hash failure.

If I send same mail from OWA or phone client, DKIM is just fine.
Also plain text mail is just fine or html mail with attachments.

I didn`t change anything at all it just started to fail...
I checked many things, even regenerated dkim keys and updated DNS nothing works.
So for example, mail with company logo gets dkim fail while mail without logo gets dkim pass.

I˙m really at loss here since I don`t know what changed.
Any ideas?

Thanks!
amaclach
Posts: 26
Joined: 14 Aug 2023 06:53

Re: DKIM broken since today

Post by amaclach »

Not much help, but DKIM shouldn't be looking at anything except the headers...
Is it the opendkim milter or is it MailScanner/spamassassin that's killing the message?
I guess if you're seeing it in Mailwatch, then it's not the milter because that would kill the message before it hits MailScanner...
gregecslo
Posts: 65
Joined: 09 Sep 2018 17:55

Re: DKIM broken since today

Post by gregecslo »

Found the culprit...

Outlook from O365 apps decided to include SCRIPT tag in outgoing mails since 2 days ago.
DKIM was signed but then mailscanner removed/disarmed script tag and thus corrupted DKIM body signature and sent it out.

So I disabled script tag disarming and voila, job done.

And no DKIM does not look only headers it also signs body...
Post Reply