dkim-ops
[Top] [All Lists]

Re: [dkim-ops] Google rejecting forwarded facebook mails based on DKIM

2011-09-06 15:09:35
Hi John,

Thanks for the reply. With some testing, I've discovered that our MTA is 
changing the Content-Type header as well as changing the encoding of the 
message when delivering to an external address (although not for local 
recipients).. so the problem is on our end, not Google's.

Cheers,
Andrew


John R. Levine wrote, On 11-09-06 02:24 PM:
Since we're not modifying any of the signed headers, nor the body of the
message, why would Google be rejecting the message for not being
authenticated?

Before I replied to Google again, I wanted to get a better understanding
of what's going on. Am I correct in my understanding of how this should
be working? Please let me know if you need more details.

Your understanding is correct.  If you're not modifying the message, the 
signature should be OK.

The three obvious possibilities is that Facebook's signatures are 
broken, that something on your system is making changes that it 
shouldn't, or that something at Google is broken.  My guess would be the 
third (overeager anti-phish filters.)

Can you snag copies of some of the mail as it's forwarded, so you can 
check the signatures on the mail as you received it?

Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet 
for 
Dummies",
Please consider the environment before reading this e-mail. http://jl.ly

_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops

<Prev in Thread] Current Thread [Next in Thread>