Results 1 to 10 of 29

Thread: DKIM Signature Do Not Validate When Using SMTP To Send Mail

Hybrid View

  1. #1
    Join Date
    Sep 2012
    Posts
    1
    Rep Power
    3

    Default DKIM Signature Do Not Validate When Using SMTP To Send Mail

    When I send a message using an external SMTP client, DKIM signauteres on messages will not successfully validate.

    When I use the built in Zimbra webmail client they validate successfully every time.

    Both tests use the same email address, username/password etc. The only difference is the client used to send the mail.

    I used this guide: Configuring for DKIM Signing - Zimbra :: Wiki to configure DKIM without any issues other than the one noted above.



    $zmcontrol -v
    Release 8.0.0.GA.5434.UBUNTU10.64 UBUNTU10_64 FOSS edition.





    To test DKIM, I used the port25.com service. Upon emailing check-auth@verifier.port25.com, here are the relevent results I recieved for both the Webmail send, and the SMTP send.

    SMTP Test:
    Result: fail (wrong body hash: expected RzsU67ywQxiXDb1FZkrH7WnlatX9SyWIGQ8D3jY6geA=)

    Webmail Test:
    Result: pass (matches From: notifications@removed.com)

    I get the same results using Gmail's "mailed-by:" and "signed-by:" headers. Messages send using the Zimbra Webmail client are 'signed' whereas messages sent using a SMTP are also signed, but do not validate.

    What other pertanent information can I supply to help?

  2. #2
    Join Date
    Nov 2012
    Posts
    4
    Rep Power
    3

    Default

    I have the same problem than you have and found that the dkim was not validated only for my thunderbird linux client.
    it's ok for thunderbird under windows, outlook...
    I tryed to change the Content-Type from utf8 to ISO-8859-15 but without success.
    Please post if you find the solution, i'm greatly interested.

  3. #3
    Join Date
    Nov 2012
    Location
    Poland
    Posts
    16
    Rep Power
    3

    Default has anyone solved the problem?

    Quote Originally Posted by houarnet-tech View Post
    I have the same problem than you have and found that the dkim was not validated only for my thunderbird linux client.
    it's ok for thunderbird under windows, outlook...
    I tryed to change the Content-Type from utf8 to ISO-8859-15 but without success.
    Please post if you find the solution, i'm greatly interested.
    I have the same problem.
    With Zimbra 8.0.1, sending with Thunderbird (Windows, ver. 16, 17) from account-A@mydomain to account-B@mydomain on the server itself, makes DKIM signatures check fail.
    Other clients as well as sending from Zimbra web interface between the same accounts is OK.

    How to fix that? And who is causing problems - ZCS or Thundrbird?

    Regards
    Piotr

  4. #4
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,285
    Rep Power
    10

    Default

    Can you post full headers from each mail message?
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

  5. #5
    Join Date
    Nov 2012
    Location
    Poland
    Posts
    16
    Rep Power
    3

    Default sure

    Quote Originally Posted by quanah View Post
    Can you post full headers from each mail message?
    Sure, I'll try to attach 3 files to this post. The files are meant only for research here.

    The first mail is between two accounts on the problematic host. DKIM fails.
    The second one is mail to another domain (also running ZCS 8.0.1) sent with webmail - DKIM is OK.
    And the last is the same sent with Thunderbird - DKIM fails.

    All 3 emails were sent by one sender (from the same account). Every mail sent by this sender to any account (on their ZCS or on my ZCS) with Thunderbird will fail. Emails sent to Gmail - no problem, Gmail says DKIM ok.
    I cannot reproduce it on my accounts. I installed Thunderbird on my Ubuntu laptop but I cannot force it to fail.

    Regards
    Piotr
    Attached Files Attached Files
    Last edited by bloom; 12-02-2012 at 04:23 PM.

  6. #6
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,285
    Rep Power
    10

    Default

    Thanks. I notice both of the failed emails use HTML style mail rather than plain text. Does changing Thunderbird to use plain text email resolve the issue?
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

  7. #7
    Join Date
    Dec 2010
    Posts
    3
    Rep Power
    4

    Default

    I've looked through your messages an got confused that all of them have "Content-Type: multipart/alternative;", but non have actual body content or at least both parts, only "Content-Type: text/plain; charset=UTF-8; format=flowed" at best.
    Thunderbird or ZWC are sending both parts like in following example:
    Content-Type: multipart/alternative;
    boundary="------------070600010706050305000505"

    This is a multi-part message in MIME format.
    --------------070600010706050305000505
    Content-Type: text/plain; charset=ISO-8859-1; format=flowed
    Content-Transfer-Encoding: 7bit



    --------------070600010706050305000505
    Content-Type: text/html; charset=ISO-8859-1
    Content-Transfer-Encoding: 7bit

    <html>
    <head>
    <meta content="text/html; charset=ISO-8859-1"
    http-equiv="Content-Type">
    </head>
    <body bgcolor="#FFFFFF" text="#000000">
    <br>
    </body>
    </html>

    --------------070600010706050305000505--

    So did you cut the end of the messages or they were like this? Because DKIM signed Content-Type, and if some parts got missing after it, that's valid case of DKIM verification failure.

Similar Threads

  1. DKIM Signature
    By ashrocks in forum Administrators
    Replies: 3
    Last Post: 12-03-2010, 02:03 PM
  2. DKIM Signature
    By ashrocks in forum Users
    Replies: 0
    Last Post: 12-03-2010, 11:51 AM
  3. Replies: 8
    Last Post: 02-19-2010, 08:55 AM
  4. Replies: 3
    Last Post: 01-10-2009, 11:02 PM
  5. Send mail via ISP SMTP
    By mcevoys in forum Administrators
    Replies: 12
    Last Post: 05-09-2006, 09:49 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •