No security appliance in front of Postifix. I use SpamAssassin that tags with X-Spam.
I have disabled AV scanning. No luck I have disabled dkim-milter. No luck Weird thing is that from other dmarc enabled domains, the result is pass and email delivery is OK. Only from yahoo.com I have this problem. -----Original Message----- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema Sent: Sunday, October 05, 2014 6:53 PM To: Postfix users Subject: Re: opendkim and opendmarc failure for yahoo.com Inteq Solution - Dep. tehnic: > Oct 5 17:55:44 ns4 opendkim[3861]: A2CCA44674: s=s2048 d=yahoo.com > SSL error:04091068:rsa routines:INT_RSA_VERIFY:bad signature If this were a common problem then there would be many reports, so I presume that you are receiving corrupted email. Do you have a so-called security appliance in the path? Many have a history of tampering with email. http://en.wikipedia.org/wiki/Security_appliance Do you have other anti-spam software in the path that modifies mail headers such as X-Spam:? You (or someone familiar with DKIM) can verify that a message is damaged by capturing the TCP/IP stream with a network sniffer. Wietse
