[SOLVED] DKIM Signature invalid @dkimvalidator.com


There is something weird with testing out my DKIM signature. As suggested I used http://dkimvalidator.com but it shows me that my signature is not valid:

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

When I send an Email to myself and check all the parameter within roundcube there are no such issues and my DKIM signature is shown as valid. Besides that I tested it at http://www.appmaildev.com/en/dkim and there is no such issue, too - result: DKIM passed.

Does anybody has an idea of what’s wrong as only http://dkimvalidator.com is telling me that my DKIM signature is invalid?


What explanation is given in the “Details” highlighting the failure?


Oh, I didn’t pay attention to this before. You mean this section?

Validating Signature

result = pass

But there are no details and result is pass? So only an indication error? Could you run that test, please and confirm?


If you look closely you should see that comment appears in the SpamAssassin score section. So, I would consider its relevance as nil.


Ok, thanks for the clarification!


Agreed! Spamassassin behavior seems strange on dkim signatures. Below is an example from one message and this is the scoring by SA

  • Gain 0.1 score because message has at least one valid dkim sig
  • Lose 0.1 score because message has a dkim sig (whether its valid or not)

Despite this apparent contradiction of no net gain in spam score from using dkim sigs, there is a further gain of 0.1 score if the dkim sig comes from the original author’s domain.

So long story short, DKIM sigs do help spam score but only marginally.

* -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
* 0.0 HTML_MESSAGE BODY: HTML included in message
* -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
* 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
* valid
* -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
* author’s domain