Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 28 subscribers
  • Views 1811 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DKIM not signing NDR from internal servers

IT Services17

Hi,

I have recently configured DMARC and DKIM on our XG450 Units (18.0.1 MR-1-Build396), currently no policy is being applied while I monitor results.

I have noticed most, if not all, of the responses to failure reports are NDR's generated by our internal exchange servers. It appears that the XG is passing these emails without applying the DKIM signature.

Exchange has a rule configured to "reject the message and include the explanation 'User Account is disabled' with the status code: '5.7.1'"

Examining the header information of the copy of the email returned in the failure report shows other Sophos header information but no sign of DKIM, normal email sent are working as expected.

Please let me know if you require examples or any log content to identify the cause.



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to IT Services17

    Hello IT Services17,

    I don't have a syntax, other than you could try to grep for DKIM for an email that works and one that doesn't. 

    I thought none of the emails were working when I first read, then after reading the second time and you pointing it out, realized only are the NDR, would it be possible for you, to send my via PM, one of the NDRs and the smtpd_main.log in debug mode.

    I would expect all emails would be signed regardless of type, however, NDRs are a bit different. 

    Regards,