I created a client library to send emails for a webapp.
After connecting to the SMTP server with credential setup in CPANEL, and then do NOT add Message-Id header, the DKIM signature 'h' record created by dovecot/WHM is wrong, and a Message-ID (with a capital D) header is added, invalidating the generated DKIM signature value.
This causes outlook, yahoo, gmail and other email recipients to add 'dkim:fail' to the message, and thus relegate it to junk or spam.
The work around is to add to the message a Message-Id with a little ‘d’ header. Then the SMTP server processes the email with the correct generated DKIM, correct DKIM ‘h’ record and does not add a Message-ID header.
My SMTP hosting providers that run the WHM/dovecot/CPANEL software are refusing to raise this as a bug and have requested that I do it.
Hi Robert,
Dovecot does not add DKIM headers, Dovecot doesn't even send email. Aside from that:
- The RFC states that "Message-ID" is the actual spelling: https://tools.ietf.org/html/rfc5322#section-3.6.4
- The DKIM signer implementation in CPANEL/WHM seems to do the
right thing: It adds a Message-ID header if it's missing, and
creates a DKIM signature. It seems unlikely that the CPANEL/WHM
DKIM implementation generates invalid DKIM signatures for all
Message-ID headers it generates, as lots of people would have
issues with that.
It's unclear from your inital message what's wrong with the
generated DKIM signature, and it's also unclear where the
"Message-Id" header (with lowercase 'd') comes from. Could you
please explain? Can you show full headers for a message with the
broken DKIM and all the relevant headers?
Tom