I recently started getting complaints from people not able to send emails to our server. The message they receive from the Sophos Firewall is similar to the one below, where the DKIM settings seem to be erroneous. The problem is that I’m getting the same message from about half a dozen different domains, which are all reputable. After digging a little, I found that they are all using MS Office 365 to send their email and that all the failed emails are coming from the same Microsoft server. However, these domains are not reporting any issues with any other email recipient. I nevertheless tried contacting Microsoft but they don’t seem to be eager to look into this issue.
I therefore decided to remove the rule that checks for DKIM signature in order for my users to be functional and exchange email with these domains. Unfortunately I haven’t found any rule or policy that explicitly mentions DKIM checking. How can I bypass DKIM checking on inbound email on my XG Firewall (latest release)?
Mail delivery to following recipients failed:
AAAAAAA@AAAAAAAA.lu - 550 5.7.0 bad DKIM signature data
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hec.ca; s=selector1;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=FTVQ+yPbaOddEadWlRZ229q82BJuNyDbW20KyY0x+7M=;
b=qQUZFdvcGAcVEV6GRgQyHIyUThFscFAx9jF9Y4Bzf70O4RPnB1wWk5fb5C+oZpOvEOXPtwoLLbvtykekA0qQ3jOWF9kKjokMIdMyN7J/F5J3jJ4bTRJDxSQ5wx98hwstXvtgLcCxzV7S4zZ7s0BOQCKN27J1AnDH866PrZ05VI8=
Received: from YQXPR0101MB1128.CANPRD01.PROD.OUTLOOK.COM (52.132.78.158) by
YQXPR0101MB1381.CANPRD01.PROD.OUTLOOK.COM (52.132.81.21) with Microsoft SMTP
Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.20.973.20; Thu, 19 Jul 2018 19:42:36 +0000
Received: from YQXPR0101MB1128.CANPRD01.PROD.OUTLOOK.COM
([fe80::8007:21d9:7f10:34c6]) by YQXPR0101MB1128.CANPRD01.PROD.OUTLOOK.COM
([fe80::8007:21d9:7f10:34c6%3]) with mapi id 15.20.0952.022; Thu, 19 Jul 2018
This thread was automatically locked due to age.