I suspect trailing spaces in signature, see: d= webforpeople.com.au; and bh= IlYLye2gu03+RsIp6EXl31rAe/3mKctI28feFaVzCkU=; for problems with email delivery to gmail and possibly other more strict services, Testing DKIM with [email protected]25.com seems to pass DKIM as valid but gmail says DKIM:"UNKNOWN with domain null". I am wondering where these spaces come from. I know amavisd-new uses Perl-Mail-DKIM lib for DKIM signature but cannot see where is the signature completed My installation is ISPConfig 3.1.1.p1 but updated regularly from previous versions so there might be some old code somewhere... Code: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= webforpeople.com.au; h=content-type:content-type:mime-version :user-agent:date:date:message-id:organization:subject:subject :from:from; s=default1477976583; t=1478014279; x=1479828680; bh= IlYLye2gu03+RsIp6EXl31rAe/3mKctI28feFaVzCkU=; b=YpHxtFxYz5SJk8GW 5YDMAm4wkuDgbnGvcaA57or4iSMkI6NINgza3oqKvoU14sxD/xPuvB1PHmhnCP6r +5qkgG2iv+Rt9IBU/VUTm9zZuYDTQtMcv7ZcXKKo473yMLFK3FQKpYpZNhyg6dic LaX+GcwsB2cH4F0fTedX6ErpZ7+W0K46v417nyttPhZenCbZdXOH2YpZmy3znGwF O8ew2f+bSf6OCuIB5KL0nmS5hJ+j1naFp9W0k7wlgCAEbZiyMjWXqBhUJ3fi90Tt Reu3mXvxt/ZDW6OvBgOrrOxpx1L7NgUvBu65ekArakx0UXk0gHgdoXEQcm7AUIDi BRhJ7t7lRxAqHaC4vqmEu5Uwjqb1ySIpjM3J1ycKMp+No2yJc8q6lTwutNLs4k2p JIcVPc9KTwmvSkoMTX9gXukGUOjktgyWRkod7E3qD/Ke10V0UGPPQIGDOZpWJHil BuxWs073msIdQhM72hbKHygyK+PiR0hwwFF8gtLFeKZ+EyFrnShY4bdVT8kTk9bo /4SrmGQXX1G0P1hCzQDpOSLN5zPYd+18F/VdtFCLAKOXA+a207tSxsuA7Dtqxjav ue/mWcev7eIN8M2h/Bd/+yEOnrIz9X6JKyNB40J8E07H68RmQGUghmNKOXyUgNnr hy/uZ9Z4iF3KmMCd5yUkTTeiinM=
there is no space in 60-dkim: Code: dkim_key('webforpeople.com.au', 'default1477976583', '/var/lib/amavis/dkim/webforpeople.com.au.private');
Also normal query: Code: dig @8.8.8.8 TXT default1477976583._domainkey.webforpeople.com.au. returns key which lookspretty good but it looks to me there might be some issue when some servers cannot retrieve the key from my server, will look into it. Still not sure if the extra space in that DKIM signature could be an issue or not
Thanks for your help, looks like it was an DNS issue, I just added some secondary DNS servers which seems to help and gmail is finally not complaining about DKIM signature... and also it looks like those spaces are not an issue.
Just one thing you my like look into, I was upgrading my installation regularly but I had to manually fix database tables dns_rr and mail_domain to TEXT respectively to MEDIUMTEXT, it was not changed during update..., anyway it has nothing to do with this issue.
I checked the incremental database files and found that those tables get updated. Maybe you used a development version previously?
I don't think so, it is my production server so no development branch, looks like these update process was not successful for some reason
