Zoho CRM DKIM failures please amend to relaxed/relaxed

Zoho CRM DKIM failures please amend to relaxed/relaxed

We have been testing mass emails from Zoho CRM.

We have the DKIM key on our domain and Zoho has validated this. 

The issue is some systems fail the DKIM validation because you are setting the Canonicalization to simple/simple. My understanding is despite the name this is pretty strict in the implementation. It means any header modification or whitespace issues cause DKIM to fail.

If you used relaxed/relaxed then the DKIM validation ignores issues with things like whitespace and prevents message forwarding causing issues.

For example our DKIM validator returned the following:

  1. The message has a valid signature, but it does not match the signature of the sending domain. This probably means that the message was modified somewhere along the way.

  3. This is the raw error:

  5.     "error": "bad signature",
  6.     "explanation": "crypto/rsa: verification error",
  7.     "source": 0,
  8.     "tag": "b"
  9. }

RFC Guidance:  https://tools.ietf.org/html/rfc6376#section-3.4