Last updated on OCTOBER 19, 2017
Applies to:Oracle Communications Messaging Server - Version 7.0.5 and later
Information in this document applies to any platform.
We have a DKIM signer that uses our mail system as a relay, and they reported DKIM failures at recipient systems, even with messages with the most trivial of plain text body content. After we investigated, we found:
1) the signer was using simple/simple header/body canonicalization (ie - the most strict)
2) the signer was specifying Message-ID as one of the headers to sign
Changing to relaxed/simple canonicalization works around the header names being changed, however slightly, but since this was a customer using our server for relay, we were hoping to be as agnostic as possible when relaying their mail.
We know that Messaging Server can and will rewrite certain header names it "knows about" to a different letter case arrangement than what the MUA/client originally submitted. See: Names Of Headers Being Changed Subtly (case-wise) By Messaging Server (Doc ID 2111043.1)
It looks like there isn't a way to turn this off for specific headers, or globally/per channel. We also think that the passthrough and relay options feel a bit dangerous.
Would the dkimpreserve source channel option help in this situation, to avoid this specific type of header "rewriting" should the message contain a DKIM signature? We can see from the doc that we would also have to ensure that the dkim_preserve_domains and dkim_ignore_domains MTA options were present for this to work.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms