Why does DKIM fail
| Situation | Why is DKIM failing when mail is processed by Proofpoint? |
|---|---|
| Solution | For certain Proofpoint Essentials features to work, DKIM must be broken |
What is DKIM?
Domain Keys Identified Mail, or DKIM, is a standard that protects email senders and recipients from spam, spoofing, and phishing. This form of email authentication allows an organization to add a digital Signature to the emails that can be validated by the recipient to check if the email belongs to the legitimate Sender.
Why is DKIM failed by Proofpoint?
Proofpoint Essentials includes a number of configurations to help secure your emails. Unfortunately, some of these features require us to break DKIM signatures in order to process or apply settings to your emails.
Inbound Emails
Email Tagging
When enabled, this will cause the DKIM signature to fail as it requires Proofpoint to apply a tag to your email subject line.
Easy-spam-reporting disclaimer
When enabled, this will also cause the DKIM signature to fail as Proofpoint is required to apply an inbound disclaimer to scanned emails.
URL Defense
Feature - Re-write URLs that are located in DKIM signed messages
When this is enabled, the DKIM signature will also fail as we need to rewrite URLs in DKIM signed emails.
This only applies when an email contains a URL. Otherwise, DKIM will pass as long as none of the other features above are enabled.
Outbound Emails
Disclaimers
Proofpoint Essentials outbound disclaimers are added before we DKIM sign. We will not fail on addinig our own disclaimers.