Date: 5 Sep 2018 20:07:04 +0200 From: "John Levine" <johnl@iecc.com> To: freebsd-questions@freebsd.org Cc: wfdudley@gmail.com Subject: Re: DKIM is driving me nuts Message-ID: <20180905180704.89453200414382@ary.local> In-Reply-To: <CAFsnNZ%2BHXxrn7%2B3sYxWtBuA1%2BrCjvhbtrAg6Y5Tkm_icAte-fg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <CAFsnNZ+HXxrn7+3sYxWtBuA1+rCjvhbtrAg6Y5Tkm_icAte-fg@mail.gmail.com> you write: >1. It's "impossible" (read: "I'm not spending any more time on this") to >get DKIM >working with different MUAs. I can get it to work when I send email using >Thunderbird, >but not when I send email from the command line (mailx). "Works" means >that the >inserted DKIM headers pass the checks at the other end. If they're failing because it says "message has been modfied" that should be all the hint you need. Sendmail conflates submission and relay, and has a sometimes unfortunate tendency to helpfully clean up message headers on the way through, which of course breaks DKIM signatures. I haven't run sendmail in 20 years but as I recall there should be some way to run submitted mail through sendmail once to clean up the headers, then DKIM sign it, then send it along for relay. That's what everyone else does. R's, John
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180905180704.89453200414382>