If messages fail your DKIM policy due to an invalid signature, this could be a result of modifications to the message made between the point at which the DKIM signature was applied, and the point at which it arrived at the Gateway.
In this scenario, the Gateway correctly determines that the message has an invalid signature.
-
Show me an example
- A contact sends a message from their company's internal mail server.
- The internal mail server applies a DKIM signature to the message and sends it to a managed mail service provider used by the company.
- The message is then modified by the managed mail service provider, invalidating the DKIM signature.
- The message is sent to the recipient(s).
- The message is received by the Clearswift SECURE Email Gateway (with DKIM verification enabled).
- The Gateway determines that the DKIM signature is not consistent with the message. The message is rejected or held in a message area.
-
Show me how to check a message DKIM verification failure
- From the Home page, click Messages > Find Held Messages. Select the message you want to view.
- Click the Structure tab.
-
Search for the SpamLogicField property.
If DKIM validation failed, the attribute dkim displays the value: SignatureValidationFailed.