[SOLVED] DKIM Signature invalid @dkimvalidator.com


#1

There is something weird with testing out my DKIM signature. As suggested I used http://dkimvalidator.com but it shows me that my signature is not valid:

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

When I send an Email to myself and check all the parameter within roundcube there are no such issues and my DKIM signature is shown as valid. Besides that I tested it at http://www.appmaildev.com/en/dkim and there is no such issue, too - result: DKIM passed.

Does anybody has an idea of what’s wrong as only http://dkimvalidator.com is telling me that my DKIM signature is invalid?


#2

What explanation is given in the “Details” highlighting the failure?


#3

Oh, I didn’t pay attention to this before. You mean this section?

Validating Signature

result = pass
Details:

But there are no details and result is pass? So only an indication error? Could you run that test, please and confirm?


#4

If you look closely you should see that comment appears in the SpamAssassin score section. So, I would consider its relevance as nil.


#5

Ok, thanks for the clarification!


#6

Agreed! Spamassassin behavior seems strange on dkim signatures. Below is an example from one message and this is the scoring by SA

  • Gain 0.1 score because message has at least one valid dkim sig
  • Lose 0.1 score because message has a dkim sig (whether its valid or not)

Despite this apparent contradiction of no net gain in spam score from using dkim sigs, there is a further gain of 0.1 score if the dkim sig comes from the original author’s domain.

So long story short, DKIM sigs do help spam score but only marginally.

X-Spam-Report:
* -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
* 0.0 HTML_MESSAGE BODY: HTML included in message
* -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
* 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
* valid
* -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
* author’s domain