i wrote to the relevant dkim/dmarc lists but still i find the following errors from opendkim/opendmarc consistently with every message
could somebody please suggest which settings, if there are any within postfix, that may alleviate these failures ? overall, on the other hand, i see many successful verifications as well but id like to know why some still fail surely it can't be that all gmail.com and google.com messages are modified in transit, somehow ie. opendkim[3561]: : mail-wi0-f202.google.com [209.85.212.202] not internal opendkim[3561]: : not authenticated opendkim[3561]: : signature=lnkRpgLM domain=google.com selector=20120113 result="signature verification failed" opendkim[3561]: : s=20120113 d=google.com SSL error:04091068:rsa routines:INT_RSA_VERIFY:bad signature opendkim[3561]: : bad signature data opendmarc[3526]: : google.com fail opendkim[4560]: : n13-vm7.bullet.mail.ne1.yahoo.com [98.138.121.231] not internal opendkim[4560]: : not authenticated opendkim[4560]: : signature=B+PrvMlb domain=yahoo.com selector=s2048 result="signature verification failed" opendkim[4560]: : s=s2048 d=yahoo.com SSL error:04091068:rsa routines:INT_RSA_VERIFY:bad signature opendkim[4560]: : bad signature data opendmarc[26995]: : dmarc.yahoo.com none opendkim[8288]: : snip1.dnsops.gov [129.6.100.200] not internal opendkim[8288]: : not authenticated opendkim[8288]: : signature=PrBejfsW domain=had-pilot.biz selector=mailkey result="signature verification failed" opendkim[8288]: : s=mailkey d=had-pilot.biz SSL error:04091068:rsa routines:INT_RSA_VERIFY:bad signature opendkim[8288]: : bad signature data opendmarc[26995]: : had-pilot.biz none the operator of had-pilot believes and is is confident their dkim sigs are correct
