Messaging Gateway

 View Only

  • 1.  DKIM w/ SBG9.0 doesn't work

    Posted Mar 29, 2010 03:42 PM
    Hi there. I was wondering if any of you have successfully tried to setup and run DKIM signing feature in a new version 9.0? I really don't know what I did wrong. It seems DKIM checking works just fine, but when I tried to send testing email to gmail.com or port25.com (as they provide really nice verifier service) I always get "permerror (unsupported headers canonicalization)" or "neutral (bad format)". Is it really RFC4871 compliant or maybe gmail is doing something different? Here I have two "DKIM-Signatures", one working set by gmail and second is mine from SBG (looks fine, except that ";" at the end): DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id :subject:from:to:content-type; bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; b=rpa++hHLZQBAISoFaiQD1IO0USEcRPDuSBWk4hKsfgFTyNBc3lD32gMHqG/b98oXiT vPtXkWh+D0MmY97XAxVQ6L34qIaZZO4hNSla/8oHnekrelxgiEE1KPZYFF/vO8b/VK3L bpQdkqnDTLHzbEoTtULPHSevt7dUFHmDPk1g4= DKIM-Signature: v=1; a=rsa-sha256; d=vvb.sk; s=hq; c=Relaxed/Simple; q=dns/txt; t=1269605175; x=1272197175; h=From:Date:Subject:Message-ID:To:MIME-Version; bh=p5tb/72CcF84yZQeYobW1xuG+ZIdioBija6evI0c+4o=; b=wBMbHIH+CA/QezTuzf1Gi4Yi5/0agJPeJz6ronQN71DmeA2Q0qUeDYyGUj71RZ33 8dT0fIL2s69cIF/17Bav2PXOojY0EEC/xICAdaIoEdjuhmazrrvS9K5+E8biCg7b Ng+3Am3fsa4M5608QgpkRyE4/CMz2BueGrhjwiLWYiI=; Thanks. Marcel


  • 2.  RE: DKIM w/ SBG9.0 doesn't work

    Posted Apr 01, 2010 02:07 PM
    Hello Marcel,

    It looks like there may be an issue with the case in the canonicalization tag:

    c=relaxed/relaxed;
    vs
    c=Relaxed/Simple;

    If you haven't already opened a support case with Symantec support, that is probably going to be the shortest path to a fix if there is an issue with the formattting of the DKIM-Signature header.


    -James


  • 3.  RE: DKIM w/ SBG9.0 doesn't work

    Posted Apr 07, 2010 03:31 AM

    Hi,
    thanks for comment James. Do you really think this should matter somehow? It is true that according to DKIM RFC, it shoud be lower case... weird.
    Fine than, I'll try to open a case on it.
    m>


  • 4.  RE: DKIM w/ SBG9.0 doesn't work

    Posted Apr 26, 2010 08:34 PM
    Good afternoon.
    I have setup DKIM for outbound email on SBGTY 9.0 and Yahoo is fine but Gmail I still get dkim=neutral (bad format).
    I called Symantec this afternoon and they sent me here: http://www.simpledns.com/kb.aspx?kbid=1092
    The setup for DKIM was pretty straight forward but the real deal was setting up the DNS Server publication.
    In my case I use a Windows 2003 DNS Server

    Take a look at this:
    http://service1.symantec.com/support/ent-gate.nsf/854fa02b4f5013678825731a007d06af/bde2dc3be62c88b2882576f800658b9b?OpenDocument