Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

dkim=fail (DKIM-signature body hash not verified)

Some emails are blocked by message "dkim=fail (DKIM-signature body hash not verified)".

Any settings that allow me to disable validation?

I don't need to disable all DKIM validation, just the body hash.

Category: Email Security Appliances
Reply

Best Answer

  • CORRECT ANSWER
    BWCBWC Cybersecurity Overlord ✭✭✭
    edited September 2 Answer ✓

    @mavaca it's either ON or OFF for the whole DKIM Validation.

    I'am seeing this DKIM Failures myself and wasn't paying that much attention to it, but after checking some Entries in the Message Logs I discovered that for some Mails which failed with DKIM Failures (body hash mismatch) the whole message information is wrong.

    E.g. a Mail from amazon.com got flagged with DKIM Failure, but the connecting IP and SPF information shows for that Entry shows Information from a customer of mine. Maybe the connection information gets mixed up which can result in that validation error.

    Is this a MS365 issue? Because some of the legit mails I received flagged with DKIM Failures are delivered from MS365.

    @David W / @Gailand are you aware of something like that?

    Do you have Time-of-Click activated, @Halon5 mentioned a while back that there was an open Issue with it, don't know if this is still a thing.

    --Michael@BWC

Answers

  • mavacamavaca Newbie ✭

    Hi @BWC

    Thanks for your answer.

    In my case, I think that DKIM analysis fail for the first signature (M365). 

    The email has 2 signatures, first M365 and last Forcepoint Email Cloud.

    The "X-Mlf-DKIM" header reference a failure with M365 hash body.

Sign In or Register to comment.