DKIM signature is not attached

Hello there,

Thank you for contacting the Sophos Community.

What Firmware Version are you running? Was this working in a previous version?

If you run the following command from the Advanced Shell (5>3) of the Sophos Firewall, can you see the DKIM?

# psql -U nobody -d corporate -xc "select * from tbldkimsigning"

Regards,

emmosophos said:

What Firmware Version are you running? Was this working in a previous version?

SFOS 19.5.1 MR-1-Build278. We just set up DKIM.

emmosophos said:

# psql -U nobody -d corporate -xc "select * from tbldkimsigning"

The entries are displayed.

Hello Gerhard,

Thank you for the feedback.

The only thing I think might be happening is that you aren’t using a 2048 Key length; if you use 1024, the Sophos Firewall won’t add the DKIM.

If you’re using 2048, please open a  case with support and share the Case ID with us.

Regards,

We have replaced the 1024 bit key with a 2048 bit key. With the same result. The case number is 06586820.

Hello Gerhard,

Thank you for the Case ID. 

I forgot to mention to make sure also your DKIM has the correct syntax and it is passing the checks in websites such as 

https://dmarcian.com/dkim-inspector/

https://easydmarc.com/tools/dkim-lookup

https://mxtoolbox.com/

Regards,

These tools only check the DNS entry. Everything is fine with that.

Hello Gerhard,

It does more than that; for example, you can incorrectly enter the format in your DNS provider, which would cause the DKIM to fail.

But I see your case has been sent to GES for investigation. I will follow up there.

Regards,

The tools agree: the DKIM entry is valid.

The keys displayed are not the keys visible via the GUI. Are they possibly stored encrypted? Otherwise that would be pretty weird.