opendkim AUTH pass-es for received mail, but fails on forward ...

From: <>
Date: Tue, 10 Apr 2012 13:46:22 -0700


i've opendkim 2.5.2 installed on Ubuntu 10LTS/64. it's configured to
work with a Zimbra server.

i've got a use case that's zimbra-related, that manifests in an opendkim
authentication error.

i'd appreciate if someone might take a peek, and comment if this is
likely an opendkim or zimbra issue, and, perhaps, what to look for.

here's what i think is releveant info re: the use case:

i have a zimbra server, ""
it hosts two domains, "" and ""
both domains are being opendkim signed; outbound signing passes analysis
by the 'port25' verifier.

i've created an inbound mail zimbra user rule (server-side sieve, iiuc)
for ""

on receipt, that rule does two things:
        (1) keeps a copy of the received msg in the inbox of
        (2) execs "Forward Mail" of the same received message to

i send an email to "" from an external
account, NOT on the zimbra server, that happens to be be DKIM signed.

once received and rule-processed, i 'diff' the full/raw messages
(headers & content) for cases (1) & (2).

the full 'diff' result i've pasted here:

in the (1)st case, i see a "dkim=pass":

        70 ! Authentication-Results:; dkim=pass
                ! (1024-bit key)
                ! dkim-adsp=pass

but in the (2)nd case, i see a "dkim=fail":

        83 + Authentication-Results:; dkim=fail
                + (verification failed)
                + dkim-adsp=temperror (missing parameter(s) in
                policy data)

the process of rule-forwarding the message is causing the DKIM Auth
check to fail.

is it opendkim config ( in "policy data"?), zimbra config, screwy
process flow, or something else?

Received on Tue Apr 10 2012 - 20:46:34 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:39 PST