We provide forwarding to external accounts (e.g. gmail.com) and it appears that in some cases postfix is invalidating the DKIM signatures. The most prominent and obvious case is eBay and PayPal where gmail is now bouncing/dropping messages where the signature doesn't match.
I caused ebay to send an email to a gmail address and then to an address that forwards. Doing a diff between the messages show this: # diff -u ebay-fail.txt ebay-pass.txt ... @@ -92,6 +83,7 @@ Designated trademarks and brands are the property of their respective owner= s. eBay and the eBay logo are registered trademarks or trademarks of eBay, Inc= -=20 +.=20 eBay is located at 2145 Hamilton Avenue, San Jose, CA 95125. Adding a "." to that line in the version that doesn't verify causes the message to verify. Is there something I can do to keep postfix from altering this? Am I barking up the right tree, or should I be verifying these and resigning them? Should I just tell my customers, "tough luck, use your gmail account directly?" Any help is appreciated. David
