You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close
You are viewing the article in preview mode. It is not live at the moment.
DKIM failures from Mimecast
print icon

DomainKeys Identified Mail (DKIM) is an email authentication method that helps prevents email spoofing and spam. DKIM works by using a digital signature to verify that an email is authentic and hasn't been modified in transit. Email systems using Mimecast for Email security management may run into interim DKIM failures for emails sent from their HappyFox accounts. 

 

Mimecast unpacks and repacks every email for spam identification and other related activities. This breaks DKIM signatures sometimes, especially if they are body based. The unpacking and repacking of emails not unconditional. There are options that allow for it to be disabled (with the side effect that certain features become unavailable) and this is also applied automatically in some cases but breaking of a DKIM signature is not one of those cases. Detailed explanation of the inbound email flow on Mimecast enabled customer side:Yes, Mimecast does unpack and repack emails as part of its security scanning process. This is a common practice for advanced email security gateways.

 

More information about Mimecast email security: https://community.mimecast.com/s/article/email-security-cloud-gateway-dns-authentication-overview

 

Email unpacking:
Mimecast receives the incoming email. It disassembles or "unpacks" the email, separating the headers, body, and attachments


Content inspection:
Each component is scanned for malicious content, spam, and policy violations
This includes checking attachments, links, and the email body itself

 

Modification and repacking:
If necessary, Mimecast may modify parts of the email (e.g., neutralizing malicious links)
After inspection and any required modifications, Mimecast reassembles or "repacks" the email

 

Hash recalculation:
During this process, the body hash may change if any modifications were made. We believe this may be the root cause of the problem faced with emails sent from HappyFox accounts

 

Delivery:
The repacked email is then delivered to the recipient's inbox. This unpacking and repacking process could potentially explain the "body hash did not verify" errors experienced. If Mimecast is modifying the email content in any way during its security checks, it would alter the body hash

 

To address this the below areas can be checked:
Check MimeCast's content modification policies. Look for any aggressive spam or content filtering rules that might be triggering unnecessary modifications.
 

Alternate confirmation option:
Consider reaching out to MimeCast support to confirm if this process is causing the hash verification issues
 

Feedback
1 out of 1 found this helpful

scroll to top icon