- Plesk 12.5 for Linux
- Plesk Onyx for Linux
Note: This article has the reference to the issue with the fix available:
"Signature verification failed for DKIM-signed mail sent from one Plesk server to another due to excessively strict DKIM canonicalization."
- Plesk Onyx Update 6 14 November 2016 (Linux)
The following mail settings are turned on:
Allow signing outgoing mail
Verify incoming mail
Tools & Settings > Mail Server Settings
on sending and receiving mail servers. Additionally
Use DKIM spam protection system to sign outgoing email messages
is enabled in Settings on mail account. But DKIM does not work. In mail logs on receiving server:
DKIM verify result: DKIM verification failed: signature verification failed
DKIM has two canonicalization modes.
is used by default. But some servers and mail clients can make little changes in e-mail headers and body such as number or white spaces, letters case in header, spaces in the end of body string. And DKIM signature got invalid. Product bug
The solution is in using relaxed/relaxed canon for signed messaged. Hotfix for Plesk Onyx 17.0.17 on Debina 8.6