In some-not-all received emails -- notably ONLY those sent via 'bulk' services -- I get a DKIM fail: "signature verification failed". Here's one example:
Received message headers
DKIM-Filter: OpenDKIM Filter v2.10.3 mail.example.com 3rfbq51KBTz2xF0
Authentication-Results: dkim.example.com/3rfbq51KBTz2xF0;
dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=proxyvote.com header.i=@proxyvote.com header.b=XjB07H1q
But checking in ' dkim-stats', it says "PASSED"
opendkim-stats dkim-stats
Job 3rfbq51KBTz2xF0 at edge (size 12124)
received via 127.0.0.1 at Wed Jun 29 01:45:37 2016
from domain = 'proxyvote.com'
Signature 1 from proxyvote.com
PASSED
signed bytes: (whole message)
Signature properties:
Key properties:
DNSSEC status: INSECURE
Here's the accompanying dump for that message
cat dkim.3rfbq51KBTz2xF0.4dDfiv
Date: Wed, 29 Jun 2016 03:10:40 -0400
From: "PROXYVOTE" <id@proxyvote.com>
To: USER@EXAMPLE.COM
Subject: Semi-Annual Report
message-id: <$A94546_1_519687362154ADDC_0154651$495132454@adp-ics.com>
Reply-To: "PROXYVOTE" <ProxyMaster@proxyvote.com>
MIME-Version: 1.0
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
d=proxyvote.com; i=@proxyvote.com; q=dns/txt;
s=edppsuirna01; t=1467189937; x=1498725937;
h=date:from:to:subject:message-id:reply-to:mime-version;
bh=H5lkhcTIjxd0B3N4Kdj314qELLpSKZvAAtPAS+XcM1A=;
Why do I get both 'fail' AND 'pass', and what do I need to do to fix this?