Jordy_Swiggers
Feb 09, 2024, Copper Contributor
Incorrect processing of messages with multiple DKIM signatures?
Hello,
I've been noticing strange behavior on our Exchange Online where legitimately spoofed incoming messages that are double signed
(usually one unaligned DKIM signature for the sending infrastructure and one aligned for the RFC5322.From domain)
are being falsely rejected by DMARC because Exchange is using the unaligned signature for its DMARC test.
This is not limited to a specific From or MailFrom domain, I can find examples of this every day (large tenant, many subcompanies on one environment) and it looks to me like a flaw in Exchange's implementation of the DMARC standard...
According to the DMARC spec, this shouldn't be a problem:
Note that a single email can contain multiple DKIM signatures, and it is considered to be a DMARC "pass" if any DKIM signature is aligned and verifies.
(Source: RFC7489, Section 3.1.1)
Kind regards, Jordy
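
The RFC 7489 rule quoted above, worked through as an added example that is not part of the original post and is not Microsoft's code. The header, the domains, the two-label organizational-domain shortcut and the `first_signature_only` model of the reported behavior are all assumptions made for illustration.

```python
import re

# Constructed Authentication-Results header (RFC 8601 style); placeholder domains.
SAMPLE_AUTH_RESULTS = (
    "mx.receiver.example; "
    "dkim=pass (signature was verified) header.d=esp-infra.example; "
    "dkim=pass (signature was verified) header.d=mail.customer.example; "
    "spf=pass smtp.mailfrom=bounce.esp-infra.example"
)

# One match per dkim= entry; [^;] keeps a match inside its own entry.
DKIM_RE = re.compile(r"dkim=(\w+)\b[^;]*?header\.d=([A-Za-z0-9.-]+)")


def parse_dkim_results(header):
    """Return [(result, d_domain), ...] for every dkim= entry in the header."""
    return [(r.lower(), d.lower().rstrip(".")) for r, d in DKIM_RE.findall(header)]


def org_domain(domain):
    # Assumption: the last two labels stand in for the organizational domain.
    # A production evaluator needs the Public Suffix List instead.
    return ".".join(domain.split(".")[-2:])


def aligned(d_domain, from_domain, mode="r"):
    """mode 'r' = relaxed (same organizational domain), 's' = strict (exact)."""
    if mode == "s":
        return d_domain == from_domain
    return org_domain(d_domain) == org_domain(from_domain)


def dmarc_dkim_pass(results, from_domain, mode="r"):
    """RFC 7489 section 3.1.1: pass if ANY signature verifies and is aligned."""
    return any(res == "pass" and aligned(d, from_domain, mode) for res, d in results)


def first_signature_only(results, from_domain, mode="r"):
    """Hypothetical model of the reported behavior: judge one signature only."""
    if not results:
        return False
    res, d = results[0]
    return res == "pass" and aligned(d, from_domain, mode)


if __name__ == "__main__":
    sigs = parse_dkim_results(SAMPLE_AUTH_RESULTS)
    print("any aligned signature:", dmarc_dkim_pass(sigs, "customer.example"))
    print("first signature only: ", first_signature_only(sigs, "customer.example"))
```

Running both functions over stored Authentication-Results headers and listing the messages where they disagree gives a list of mail that should have passed DMARC on DKIM.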
- martypete1 (Copper Contributor): Bump. Just noticed this today. Client has 2 signatures and DMARC is being evaluated under the non-aligned signature. Appears to only affect Microsoft recipients.
- Marco_Meier (Brass Contributor): Same here. Has somebody discussed the issue with support?
- tanmay1313 (Copper Contributor): Same issue is happening with me as well.