Mail with DKIM Signature gets T_DKIM_INVALID flag by SpamAssassin

Question

I've installed a Debian (jessie) box with postfix and spamassassin. Configured and everything works fine.

Except receiving mails with DKIM signatur will produce a flag T_DKIM_INVALID even if the signature is valid. See log example below.

After that, opendkim will verify the signature and let it pass.

Jan 15 14:18:21 localhost spamd[30697]: spamd: connection from localhost [127.0.0.1]:51740 to port 783, fd 5
Jan 15 14:18:21 localhost spamd[30697]: spamd: processing message <id#1234567@mail.gmail.com> for user
Jan 15 14:18:21 localhost spamd[30697]: spamd: clean message (-2.0/5.0) for user in 0.2 seconds, 2572 bytes.
Jan 15 14:18:21 localhost spamd[30697]: spamd: result: . -1 - BAYES_00,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_PASS,T_DKIM_INVALID scantime=0.4,size=2553,required_score=5.0,rhost=localhost

score 12 · Accepted Answer · answered Jan 16 '16 at 00:53

12

You could give this package a try instead: libmail-dkim-perl

One of the walk-throughs linked in the Spamassassin documentation points out a hint that I would recommend to follow:

"You should NEVER need to use CPAN on a RPM or DEB based Linux distribution."

answered Jan 16 '16 at 00:53

desasteralex

968
4
5

`apt-get install libmail-dkim-perl` on debian/ubuntu solved the problem – rodvlopes Mar 02 '21 at 14:09

score 4 · Answer 2 · answered Jan 15 '16 at 13:35

4

This happend because of the missing perl module Mail::DKIM. Without that, every mail with dkim signature will fail the verification. Even those with correct signature.

You can find futher information about it here.

A simple fix is to install the missing module via cpan.

answered Jan 15 '16 at 13:35

High Ball

478
4
11

on Debian-alikes, better say `apt-get install libmail-dkim-perl` according to @derasteralex answer – Adrian W Nov 29 '19 at 11:35

Mail with DKIM Signature gets T_DKIM_INVALID flag by SpamAssassin

2 Answers2