Author: Bill Cole Date: To: Victor Sudakov via Exim-users Subject: Re: [exim] dkim=fail (body hash mismatch;
body probably modified in transit)
On 2022-12-05 at 00:46:07 UTC-0500 (Mon, 5 Dec 2022 05:46:07 +0000)
Victor Sudakov via Exim-users <vas@???>
is rumored to have said:
> Jeremy Harris via Exim-users wrote: [...] >>
>> I guess there's also the dkim canonicalisation. Mine was
>> relaxed/relaxed. Yours?
>
> dkim_canon = relaxed
There's your problem.
If you use relaxed instead of relaxed/relaxed, the unspecified body
canonicalization is "simple" which is never what anyone should use.
DKIM canonicalizations are proof that DKIM was devised by people without
useful real-world email knowledge. None of the defaults make sense and
the "relaxed" canonicalizations are grossly inadequate for dealing with
entirely reasonable and harmless message modifications.
--
Bill Cole
bill@??? or billcole@???
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
