Applicable to:
- Plesk 12.5 for Linux
- Plesk Onyx for Linux
Note: This article has the reference to the issue with the fix available:
-
#PPPM-5149
"Signature verification failed for DKIM-signed mail sent from one Plesk server to another due to excessively strict DKIM canonicalization."
Fixed in:- Plesk Onyx Update 6 14 November 2016 (Linux)
Symptoms
The following mail settings are turned on:
Allow signing outgoing mail
and
Verify incoming mail
in
Tools & Settings > Mail Server Settings
on sending and receiving mail servers. Additionally
Use DKIM spam protection system to sign outgoing email messages
is enabled in Settings on mail account. But DKIM does not work. In mail logs on receiving server:
DKIM verify result: DKIM verification failed: signature verification failed
Cause
DKIM has two canonicalization modes.
c=simple/simple
is used by default. But some servers and mail clients can make little changes in e-mail headers and body such as number or white spaces, letters case in header, spaces in the end of body string. And DKIM signature got invalid. Product bug
PPPM-5149
is created.
Resolution
The solution is in using relaxed/relaxed canon for signed messaged. Hotfix for Plesk Onyx 17.0.17 on Debina 8.6
Comments
0 comments
Please sign in to leave a comment.