James,
> If I send an email to [EMAIL PROTECTED] to comes back
> saying:
> DKIM check details:
> Result: fail (signature doesn't verify)
> The same thing happens sending from my iPhone.
> But it works fine sending from the same computer using Thunderbird. Or
> if I use webmail (Roundcube or Ilohamail) to send the email.
> All are sending through the same mail server (Postfix), same account,
> with and without SSL.
> Has anyone had any similar problems with DKIM and Mail.app?
Your signer signed the following header section:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=bordo.com.au; s=mail; h=Message-Id:From:To:In-Reply-To:
Mime-Version:Subject:Date:References:MIME-Version:Content-Type;
bh=FBGlG3/lg4Qa0cw6oM9LAu83D6E9uxKw+uQSQmKN7EQ=; b=D8uXGWZusRopo
0Dx4TQeApJbajiayRIpN/Q+GTgn/MPv7Qj+Cq5EOcwr75ZXv/GV+MRpo+qGiOfv0
fJtqDvR1TwbjuvSuRTHgQVCc1+AY3T4iDEQ5f4EGJ0NPR56rPqrKGDi1AwCGjvVD
sieq86AnRWfredZLTHzXvzq5neSGOE=
Message-Id: <[EMAIL PROTECTED]>
From: James Brown <[EMAIL PROTECTED]>
To: postfix-users@postfix.org
In-Reply-To: <[EMAIL PROTECTED]>
MIME-Version: 1.0
Subject: Re: [OFF]: DKIM broken by certain email clients
Date: Wed, 24 Sep 2008 17:42:40 +1000
References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature";
micalg=sha1; boundary="----31313EF4F437E4210E9DC5F9C2D9A7A1"
Note the double occurrence MIME-Version, but this is not in itself
a reason for DKIM validation failure.
The above header section was modified on its way out from your site,
replacing the first "MIME-Version: 1.0" of the two with a
Mime-Version: 1.0 (Apple Message framework v929.2)
thus breaking the signature.
So it seems you have two problems here: why are there two MIME-Version
header fields in the first place, and why is one of them modified AFTER signing.
Mark
