DKIM: dkim=fail (body hash did not verify)

Views:

Question

DKIM was implemented for the customers domain within Microsoft 365.

We notice that the dkim failure in the message header:
dkim=fail (body hash did not verify)

Workaround

What we have seen in the message headers, of Tenants with DKIM enabled is the below:

3. Email from M365 to Recipient: DKIM signature added DKIM passes

2. Emails from Crossware to M365: DKIM fails

1. Email From M365 to Crossware: the DKIM signature is added

Flow of Mail: Your Tenant M365 Tenant -> Crossware -> Your Tenant M365 Tenant -> Destination

Crossware does not usually remove any Header information.

However, attached is code for Field which can be used to remove the DKIM field, when it is being processed by Crossware.

The Field needs to be added to the signature configuration. Below are steps on how to create and add a field:

1. Log into Crossware signature portal - https://portal.crossware365.com/cms/home

2. Open the signature designer

3. From the menu on the left Expand Admin - Fields - Create New - formula

4. Field Name - Dkim_Removal

5. In Formula - window paste the attached code

6. Save the new field.

7. You now need to add this lookup to you Signature, it will not display anything but its a blank field that will trigger the removal action.

8. Edit a signature and then add the new DKIM filed to this signature (anywhere) below your signature , this will trigger the DKIM.

Below is the Updated Code to use in the DKIM removal field:

string strTemp = ""; if(pEmailHeaders.ContainsKey("DKIM-Signature")){ pEmailHeaders.Remove("DKIM-Signature"); } if(pEmailHeaders.ContainsKey("dkim-signature")){ pEmailHeaders.Remove("dkim-signature"); } if(pEmailHeaders.ContainsKey("ARC-Authentication-Results")){ pEmailHeaders.Remove("ARC-Authentication-Results"); } if(pEmailHeaders.ContainsKey("ARC-Message-Signature")){ pEmailHeaders.Remove("ARC-Message-Signature"); } if(pEmailHeaders.ContainsKey("ARC-Seal")){ pEmailHeaders.Remove("ARC-Seal"); } if(pEmailHeaders.ContainsKey("arc-message-signature")){ pEmailHeaders.Remove("arc-message-signature"); } if(pEmailHeaders.ContainsKey("arc-seal")){ pEmailHeaders.Remove("arc-seal"); } if(pEmailHeaders.ContainsKey("Authentication-Results")){ pEmailHeaders.Remove("Authentication-Results"); } if(pEmailHeaders.ContainsKey("authentication-results")){ pEmailHeaders.Remove("authentication-results"); } if(pEmailHeaders.ContainsKey("X-MS-Exchange-SenderADCheck")){ pEmailHeaders.Remove("X-MS-Exchange-SenderADCheck"); } if(pEmailHeaders.ContainsKey("X-MS-Exchange-Authentication-Results")){ pEmailHeaders.Remove("X-MS-Exchange-Authentication-Results"); } return strTemp;

Remove DKIM (txt)