DKIM signatures missing signature expiration tag

book

Article ID: 169898

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

DKIM signatues generated by Messaging Gateway (SMG) may omit the x= tag which defines the signature expiration even though signature expiration is configured for DKIM. This means that DKIM signatures will not be considered invalid based on signature expiration timouts; the DKIM signatures generatied by SMG will be considered valid forever.

Sample DKIM signature missing 'x=' tag:

DKIM-Signature: v=1; a=rsa-sha256; d=2k8domain.test; s=dkim; c=relaxed/simple;
       q=dns/txt; [email protected]; t=1499194186;
       h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:
       Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:
       Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:
       List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
       bh=03JMn/Nk2XWpGfOntottLUCQq7ciKcDA7aTKXYB6ovg=;
       b=Kl6g717A4sCWrrYa0SeOT+9CnRvQIwaZNxLBiDAiaUunAM5/ofw58ALlfJCNOZfA
       paqUnxSRoHpiv11s4jx4BtH6jebvSwwALMQlySJxiuVRH13z0MgzqFRuS9FhWMdJ
       H4GduE6CqsYLH1z6eXmM6a/nbD1fX6ywzL5+JAyUorM=;

Environment

Messaging Gateway

Resolution

This issue has been resolved with the SMG 10.6.4 release.

For earlier SMG releases, the failure to include the signature expiration date does not significantly impact the ability of Messaging Gateway to sign messages or validate DKIM signatures.