DKIM is driving me nuts

John Levine johnl at
Wed Sep 5 18:07:07 UTC 2018

In article <CAFsnNZ+HXxrn7+3sYxWtBuA1+rCjvhbtrAg6Y5Tkm_icAte-fg at> you write:
>1. It's "impossible" (read: "I'm not spending any more time on this") to
>get DKIM
>working with different MUAs.  I can get it to work when I send email using
>but not when I send email from the command line (mailx).  "Works" means
>that the
>inserted DKIM headers pass the checks at the other end.

If they're failing because it says "message has been modfied" that
should be all the hint you need.  Sendmail conflates submission and
relay, and has a sometimes unfortunate tendency to helpfully clean up
message headers on the way through, which of course breaks DKIM
signatures.  I haven't run sendmail in 20 years but as I recall there
should be some way to run submitted mail through sendmail once to
clean up the headers, then DKIM sign it, then send it along for relay.
That's what everyone else does.


More information about the freebsd-questions mailing list