Skip site navigation (1)Skip section navigation (2)
Date:      5 Sep 2018 20:07:04 +0200
From:      "John Levine" <johnl@iecc.com>
To:        freebsd-questions@freebsd.org
Cc:        wfdudley@gmail.com
Subject:   Re: DKIM is driving me nuts
Message-ID:  <20180905180704.89453200414382@ary.local>
In-Reply-To: <CAFsnNZ+HXxrn7+3sYxWtBuA1+rCjvhbtrAg6Y5Tkm_icAte-fg@mail.gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
In article <CAFsnNZ+HXxrn7+3sYxWtBuA1+rCjvhbtrAg6Y5Tkm_icAte-fg@mail.gmail.com> you write:
>1. It's "impossible" (read: "I'm not spending any more time on this") to
>get DKIM
>working with different MUAs.  I can get it to work when I send email using
>Thunderbird,
>but not when I send email from the command line (mailx).  "Works" means
>that the
>inserted DKIM headers pass the checks at the other end.

If they're failing because it says "message has been modfied" that
should be all the hint you need.  Sendmail conflates submission and
relay, and has a sometimes unfortunate tendency to helpfully clean up
message headers on the way through, which of course breaks DKIM
signatures.  I haven't run sendmail in 20 years but as I recall there
should be some way to run submitted mail through sendmail once to
clean up the headers, then DKIM sign it, then send it along for relay.
That's what everyone else does.

R's,
John



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20180905180704.89453200414382>