Outlook.com DKIM fails if a HTML signature is added to the e-mail
DKIM is configured correctly, mails result in a DKIM pass on outlook.com and other Microsoft services as long as a HTML signature with a link and image is not attached: dkim=pass (signature was verified).
If however a signature is added, e-mails fail with dkim=fail (body hash did not verify).
This only applies o more robust signatures, which contain website links and/or images. Postmastery covered the issues with MIME and Outlook DKIM status, and I assume that improper MIME is the culprit in this scenario.
This seems to apply exclusively to MS services, as mails with signatures get a DKIM pass on all other e-mail providers I had checked.
Chosen solution
Try this: Menu icon ≡ > Preferences > General Scroll to bottom and click on 'Config Editor' button which opens in a new tab. It will offer a friendly warning :)
In top search type: mime Look for : mail.strictly_mime
If it says 'False' - double click on the line (or use the far rigth toggle icon) to toggle it to says 'True'
Test sending.
Read this answer in context 👍 1All Replies (6)
Please offer some info regarding the signature.
Was the HTML signature file created using Thunderbird Write compose window and saved as HTML file and Account Settings you selected 'use signature file instead' option pointing to html file?
Is the image used in signature stored on computer and added to the signature when HTML signature file was created?
I have tried both posting the HTML directly and selecting use HTML and using "use signature file instead". The signature was created in notepad++ with utf-8 encoding. The image was a base64 encode, I have also tried an external resource.
Upon reading your reply I have tried creating a fresh signature directly in the Thunderbird compose window and saving it as html, with the image selected as something to be included. This also resulted in a DKIM failure. I have also tried using externally hosted image, but again DKIM failed.
Looks like even plain text signatures (with use html left unchecked) cause DKIM to fail at outlook.com.
Only e-mails with no signature at all are delivered with dkim=pass (signature was verified).
Edit" I have used the emailaudit.com tool and while it shows DKIM as verifying correctly (Outlook and other Microsoft services are the only ones which have problems), it also reported that:
A text/html part with utf-8 characters should be transfer encoded with quoted-printable instead of 8bit. which points out that the issue is indeed with MIME.
Modified
I had another reply here, but it seems to have been deleted, maybe by a spam filter as I've added a link to a tool which verified my e-mail headers, etc.
To quickly sum up the situation: it turns out that adding any type of signature, even a plain text one with use html left unchecked, leads to dkim=fail (body hash did not verify) on outlook and other Microsoft e-mail services. If there is no signature there are no issues with the e-mail.
A third party tool which verifies e-mail status showed DKIM as correct (MS is the only company which has issues with DKIM) and showed a notification that: A text/html part with utf-8 characters should be transfer encoded with quoted-printable instead of 8bit.
Is there any way to change mime to quoted-printable in Thunderbird?
Chosen Solution
Try this: Menu icon ≡ > Preferences > General Scroll to bottom and click on 'Config Editor' button which opens in a new tab. It will offer a friendly warning :)
In top search type: mime Look for : mail.strictly_mime
If it says 'False' - double click on the line (or use the far rigth toggle icon) to toggle it to says 'True'
Test sending.
Thank you, now DKIM passes at Outlook.com without any issues. I'm surprised this is not a default setting, seeing how mail.strictly_mime can cause e-mail to be falsely classified as spam if set to false.
Modified
Good to hear all is working properly for you.