No, because DKIM is verifying the unmodified header/body (more complicated than that).
-- Kevin A. McGrail Asst. Treasurer & VP Fundraising, Apache Software Foundation Chair Emeritus Apache SpamAssassin Project https://www.linkedin.com/in/kmcgrail - 703.798.0171 On Mon, Mar 19, 2018 at 11:55 AM, Sebastian Arcus <s.ar...@open-t.co.uk> wrote: > On 19/03/18 15:53, Bill Cole wrote: > >> On 19 Mar 2018, at 11:29, Sebastian Arcus wrote: >> >> I've been seeing a number of false positives recently from T_DKIM_INVALID >>> with Gmail emails. Are some Gmail servers misconfigured, or could something >>> be going on at my end? The DKIM record which is flagged as invalid is below: >>> >>> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; >>> s=20161025; h=mime-version:from:date:message-id:subject:to;bh=8wlgvdpEOm >>> UO2ugslPxRkFYA/ZThwu2bWy5VmlR76ug=; >>> b=gRcnOIzmENqS8a91mSdETdXvyH6df7u0tSwsadk6CMD0KtAbzuM3ojHW+kPEo7AB1i >>> vnbCDc/vsR6H7pP0k3hZmF7z/dAaeZWD4RVzqM+Fv70oHy4af64j+fGSekOCM9o4ShRQ >>> Vk3KyF+69sKTK3rRWEnfrcgi/pN2DJWDvrIBRjmFOZYKNVN+8elaVM9DOO7tEMLYuw7T >>> +sVaUMNt8MuPxRhrskJYOIxK8zzkcJHYV+1TuWJuqZAHRVwgnDWX7q3Wx0GwrX+3lKpm >>> 3A1+F5dBVjH4dXvdfIESm5XpV8b9uBn9daGWrUgkR+PB23XsL9QkxEqCRXdgII3FRxtQ >>> Ps6A== >>> >> >> There are LOTS of ways to break a DKIM signature. Whether that one is >> broken can't be checked and how it might have been broken can't be guessed >> at without the full *unmodified* headers and body of the message. >> > > I use Exim to pass stuff directly to SA. Could I attach the DKIM header in > a text file and send it to the list? >