Another day, another issue with DKIM signatures. As has happened before, and as will likely happen again, everything looks great for an email message at mailbox provider A, but gets rejected or otherwise runs into trouble at mailbox provider B.
If you’ve been in email deliverability for a while, then I know that, at least once, you’ve had messages pass DKIM authentication checks at Gmail, but the DKIM signature fails when checked at Microsoft.
The reason why isn’t always the same. In the past I had typically chalked it up to message encoding issues or header rewriting.
But here’s a new scenario, one I haven’t seen before. Double headers, meaning an RFC violation. I know that Gmail now rejects messages with certain doubled headers, but not in this case. Gmail lets the message on through – they’re perhaps cleaning up headers before performing authentication or RFC checks – but Microsoft isn’t.
Bram Van Daele, the CEO of "Agentic Email Intelligence Platform" Engagor, recently shared the story around these unexpected, mailbox provider-specific DKIM failures and how he was able to troubleshoot it all. It is well worth a read.
To me, this highlights that while we're approaching a bit of a convergence when it comes to email sender requirements, different mailbox providers do not always end up handling the same failure case the same way.
And it also reminds us that we've moved past the era where a "good enough" configuration works everywhere. Good enough, and "it worked fine that way yesterday" are, well, no longer good enough.
So, if your emails are bouncing at Microsoft but landing in the inbox at Gmail, here's yet another technical slip up that could be the source of your woe.
Another day, another issue with DKIM signatures. As has happened before, and as will likely happen again, everything looks great for an email message at mailbox provider A, but gets rejected or otherwise runs into trouble at mailbox provider B.
If you’ve been in email deliverability for a while, then I know that, at least once, you’ve had messages pass DKIM authentication checks at Gmail, but the DKIM signature fails when checked at Microsoft.
The reason why isn’t always the same. In the past I had typically chalked it up to message encoding issues or header rewriting.
But here’s a new scenario, one I haven’t seen before. Double headers, meaning an RFC violation. I know that Gmail now rejects messages with certain doubled headers, but not in this case. Gmail lets the message on through – they’re perhaps cleaning up headers before performing authentication or RFC checks – but Microsoft isn’t.
Bram Van Daele, the CEO of "Agentic Email Intelligence Platform" Engagor, recently shared the story around these unexpected, mailbox provider-specific DKIM failures and how he was able to troubleshoot it all. It is well worth a read.
To me, this highlights that while we're approaching a bit of a convergence when it comes to email sender requirements, different mailbox providers do not always end up handling the same failure case the same way.
And it also reminds us that we've moved past the era where a "good enough" configuration works everywhere. Good enough, and "it worked fine that way yesterday" are, well, no longer good enough.
So, if your emails are bouncing at Microsoft but landing in the inbox at Gmail, here's yet another technical slip up that could be the source of your woe.
Comments
Post a Comment
Comments policy: Al is always right. Kidding, mostly. Be polite, please and thank you.