DKIM does not work: DKIM verify result: DKIM verification failed: signature verification failed

Created:

2016-12-12 03:45:51 UTC

Modified:

2017-08-18 03:09:35 UTC

1

Was this article helpful?


Have more questions?

Submit a request

DKIM does not work: DKIM verify result: DKIM verification failed: signature verification failed

Applicable to:

  • Plesk 12.5 for Linux
  • Plesk Onyx for Linux

Note: This article has the reference to the issue with the fix available:

  • #PPPM-5149 "Signature verification failed for DKIM-signed mail sent from one Plesk server to another due to excessively strict DKIM canonicalization."
    Fixed in:
Please consider updating your server:

Symptoms

The following mail settings are turned on: Allow signing outgoing mail and Verify incoming mail in Tools & Settings > Mail Server Settings on sending and receiving mail servers. Additionally Use DKIM spam protection system to sign outgoing email messages is enabled in Settings on mail account. But DKIM does not work. In mail logs on receiving server:

DKIM verify result: DKIM verification failed: signature verification failed

Cause

DKIM has two canonicalization modes. c=simple/simple is used by default. But some servers and mail clients can make little changes in e-mail headers and body such as number or white spaces, letters case in header, spaces in the end of body string. And DKIM signature got invalid. Product bug PPPM-5149 is created.

ADDITIONAL INFO .

Resolution

The solution is in using relaxed/relaxed canon for signed messaged. Hotfix for Plesk Onyx 17.0.17 on Debina 8.6

Attachments:

Have more questions? Submit a request
Please sign in to leave a comment.