This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DKIM Broken in 9.706-9?

Hey everyone,

is anyone using DKIM on the Sophos UTM - and has anybody else problems with it after the update to 9.706-9? We had reports that after the update multiple customers were blocking us due to spam detection. We then checked the headersin mxtoolbox, and we get a DKIM error: "Body Hash did not Verify". When we implemented DKIM and DMARC we tested both, and it was working for several months now. We also checked the headers, there were no porblems before. 

I did not find anything relating to this, but I know that exim was updated in the last versions, and I saw that exim has a bug with DKIM (https://help.atmail.com/hc/en-us/articles/900007082823-Exim-v-4-94-2-and-DKIM). But I do not want to change any mailserver config files on the sophos, so the fix in this website is nothing I want to try...

Anyone with a similar problem?

Thanks in Advance



This thread was automatically locked due to age.
Parents
  • We're on 9.507 and using DKIM. But we get a lot of trouble with false positives too . But our trouble is more inbound false positive, but outbound too. I give it a try and can confirm your result: Body Hash Did Not Verify.
    So we are at least 2 with the same problem. DKIM seems broken in 9.705-7 too.

    Best regards

    Alex

    -

  • Hi Alex,

    at least I am not alone...

    Did you already install the update with the new exim version (9.705-7?)? And do you have the possibility to check if the Body Hash problem existed before this?
    By chance I had test emails in my external mailbox, and I could verity that the problem was not present at least a few weeks before the UTM update - headers were accepted in these messages.

Reply
  • Hi Alex,

    at least I am not alone...

    Did you already install the update with the new exim version (9.705-7?)? And do you have the possibility to check if the Body Hash problem existed before this?
    By chance I had test emails in my external mailbox, and I could verity that the problem was not present at least a few weeks before the UTM update - headers were accepted in these messages.

Children