Re: [mailop] [EXT] - Dkim fails, success on same email?
On 6/20/2023 12:20 PM, Benny Pedersen via mailop wrote: Mark Alley via mailop skrev den 2023-06-20 19:05: You'll need to add the DKIM selector (and key) Sophos generated for you to your external DNS provider so that other receivers can resolve the key, which enables them to validate messages signed by your email filter. if sophos like to change custommers dns, then sophos is loosing How does one expect another (external) mail server to resolve your public key if by not adding it to external DNS? Key-telepathy? ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [EXT] - Dkim fails, success on same email?
Mark Alley via mailop skrev den 2023-06-20 19:05: You'll need to add the DKIM selector (and key) Sophos generated for you to your external DNS provider so that other receivers can resolve the key, which enables them to validate messages signed by your email filter. if sophos like to change custommers dns, then sophos is loosing all that is required for another forward host is to ARC-Sign/ARC-Seal before breaking dkim if valid dkim cant be preserved otherwize or start another way, do ATPS signing, if sophos is pro that should not be a problem proff is this maillist here breaks dkim, so mailop also fails ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [EXT] - Dkim fails, success on same email?
You'll need to add the DKIM selector (and key) Sophos generated for you to your external DNS provider so that other receivers can resolve the key, which enables them to validate messages signed by your email filter. - Mark Alley On 6/20/2023 11:53 AM, Salvatore Jr Walter P via mailop wrote: OK, we are still having issues with this. We are using Sophos as an email gateway. They generated a DKIM record and are telling us we need to send that to our domain registrar to add it to our DNS records? Is this correct? I understood DKIM was server side only? *From:* mailop *On Behalf Of *Salvatore Jr Walter P via mailop *Sent:* Friday, June 16, 2023 2:06 PM *To:* 'mailop@mailop.org' *Subject:* [EXT] - [mailop] Dkim fails, success on same email? Getting reports back from several ISPs like the one below. It shows dkim failing for the IP, but successful for the domain? The domain “mail-dkim-us-west-2.prod.hydra.sophos.com” uses multiple IPs, On sophospsmartbannerend Getting reports back from several ISPs like the one below. It shows dkim failing for the IP, but successful for the domain? The domain “mail-dkim-us-west-2.prod.hydra.sophos.com” uses multiple IPs, One of which is “198.154.181.72”. We do receive failures on all other IPs as well. Is this an actual issue or something we can ignore? 198.154.181.72 1 none fail pass warwickri.gov mail-dkim-us-west-2.prod.hydra.sophos.com v1 pass warwickri.gov pass ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] [EXT] - Dkim fails, success on same email?
OK, we are still having issues with this. We are using Sophos as an email gateway. They generated a DKIM record and are telling us we need to send that to our domain registrar to add it to our DNS records? Is this correct? I understood DKIM was server side only? From: mailop On Behalf Of Salvatore Jr Walter P via mailop Sent: Friday, June 16, 2023 2:06 PM To: 'mailop@mailop.org' Subject: [EXT] - [mailop] Dkim fails, success on same email? Getting reports back from several ISPs like the one below. It shows dkim failing for the IP, but successful for the domain? The domain "mail-dkim-us-west-2.prod.hydra.sophos.com" uses multiple IPs, One of which is "198.154.181.72". We do receive failures on all other IPs as well. Is this an actual issue or something we can ignore? 198.154.181.72 1 none fail pass warwickri.gov mail-dkim-us-west-2.prod.hydra.sophos.com v1 pass warwickri.gov pass ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop