Re: opendkim body hash did not verify problem

From: Dino Ciuffetti <>
Date: Thu, 22 Apr 2010 15:35:15 +0200 (CEST)

> I am having an issue with the opendkim package, we are sending mails with
> phplist and postfix mta and sometimes the signature works and other times
> it
> fails with the "body hash did not verify" error. The message should be
> signed and sent properly every time but sometimes it fails and due to
> this,
> messages get in bulk and spam folders.

I had the same error verifing signatures coming to my courier mta.
For ex. mails coming from are signed for all the headers and
body, so the risk of a broken signature due to mail modification during
the transport to the destination MTA where the DKIM filter is working is
very high.

After posting to the courier-users list we have found that many MTA, MDA,
distribution list software do body and header modifications that make DKIM
signature unmatch (unuseful).

We do not use dkim to filter anything anymore, just to tag mails, because
we have found that DKIM is broken by design.

Btw, this is our opinion.

Ciao, Dino.

Dino Ciuffetti
Linux System Administrator and Architect
TuxWeb S.r.l. -
Received on Thu Apr 22 2010 - 13:35:29 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:19:47 PST