Back to Community Threads
1
Exception getting DKIM signature
Problem reported by Scarab - 10/13/2022 at 9:33 AM
Submitted
On Smartermail Enterprise Build 8251 we started seeing emails being rejected by Google with the response "550 5.7.1 'FROM' header is missing". Of course the messages had a FROM header. However, we noticed in the Delivery Logs the following errors:

“"Exception getting DKIM signature System.ArgumentException: The list of headers to sign MUST include the 'From' header. Parameter name: headers at MimeKit.Cryptography.DkimSigner.Sign(FormatOptions options, MimeMessage message, IList`1 headers) at MailService.RelayServer.RemoteDeliverySession.GetDkimSignature()"
The domain has Email Signing enabled in the General Settings. However, upon closer inspection we noticed that in the Email Signing Settings the Header Fields To Use: field was blank. Changing this option to any of the available options immediately resolved the problem.

We discovered this happens with every domain that has Email Signing enabled as of Build 8251. We can duplicate by creating a new domain (or using an existing domain that doesn't have Email Signing), adding the selector._domainKey TXT record in DNS and having Email Signing enabled. Looking in the Email Signing Settings shows a null value under Header Fields To Use: and any emails sent from this domain will result in the "Exception getting DKIM signature System.ArgumentException: The list of headers to sign MUST include the 'From' header..." error in the Delivery Logs.

It looks like there isn't a default value that is defined for this setting in the latest Build.

2 Replies

Reply to Thread
0
Kyle Kerst Replied
10/13/2022 at 12:22 PM
Employee Post
Hey Scarab, I'm sorry to hear you're having issues with this, and find it strange its happening across the board in your environment. I did a quick test in our public build test server and found no issues with domains already running DKIM, nor any issues in newly setup domains. Can you get a ticket submitted on this one so we can take a look?
Kyle Kerst
Technical Support Specialist
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
1
Sébastien Riccio Replied
10/14/2022 at 7:33 AM
After reading this post, I got a bit worried because DKIM breaks every two SM releases and checked our log. We found this;

(cropped because there are a lot of occurences)
[2022.10.11] 00:35:07.313 [56967766] Exception getting DKIM signature System.ArgumentException: The list of headers to sign SHOULD NOT include the 'Bcc' header.
[2022.10.11] 00:35:07.313 [56967734] Exception getting DKIM signature System.ArgumentException: The list of headers to sign SHOULD NOT include the 'Bcc' header.
[2022.10.11] 00:35:07.313 [56967754] Exception getting DKIM signature System.ArgumentException: The list of headers to sign SHOULD NOT include the 'Bcc' header.
[2022.10.11] 00:35:07.313 [56967744] Exception getting DKIM signature System.ArgumentException: The list of headers to sign SHOULD NOT include the 'Bcc' header.
[2022.10.11] 00:35:07.313 [56967774] Exception getting DKIM signature System.ArgumentException: The list of headers to sign SHOULD NOT include the 'Bcc' header.
[2022.10.11] 00:35:07.313 [56967764] Exception getting DKIM signature System.ArgumentException: The list of headers to sign SHOULD NOT include the 'Bcc' header.
[2022.10.11] 10:32:31.926 [56996996] Exception getting DKIM signature System.ArgumentException: The list of headers to sign SHOULD NOT include the 'Bcc' header.
[2022.10.11] 16:54:07.242 [57029773] Exception getting DKIM signature System.ArgumentException: The list of headers to sign MUST include the 'From' header.
[2022.10.13] 10:18:37.668 [57157599] Exception getting DKIM signature System.ArgumentException: The list of headers to sign MUST include the 'From' header.
[2022.10.13] 14:47:59.495 [57180148] Exception getting DKIM signature System.ArgumentException: The list of headers to sign SHOULD NOT include the 'Bcc' header.
[2022.10.13] 14:48:02.495 [57180151] Exception getting DKIM signature System.ArgumentException: The list of headers to sign SHOULD NOT include the 'Bcc' header.
[2022.10.13] 14:49:42.139 [57180271] Exception getting DKIM signature System.ArgumentException: The list of headers to sign SHOULD NOT include the 'Bcc' header.
[2022.10.13] 14:49:42.139 [57180266] Exception getting DKIM signature System.ArgumentException: The list of headers to sign SHOULD NOT include the 'Bcc' header.
[2022.10.13] 14:51:03.624 [57180383] Exception getting DKIM signature System.ArgumentException: The list of headers to sign SHOULD NOT include the 'Bcc' header.
[2022.10.13] 14:51:03.640 [57180385] Exception getting DKIM signature System.ArgumentException: The list of headers to sign SHOULD NOT include the 'Bcc' header.

I checked the DKIM settings for some of these. The one with missing from is configured like this:


The others complaining about BCC field is configured like this:


I see that we're not consistant about which headers to use for the signing but:

1) Shouldn't the "All non-repeatable fields" option include the From header field ? (as it causes an exception if it is missing)
EDIT: Maybe the mail being signed is missing a "From" header, I have to check this deeper.

2) Shouldn't SM automatically dismiss the BCC field for signing, when using other options (as it will cause an exception)
EDIT: I tried to reproduce the error in the log by sending mails with BCCs but without luck so far

Kind regards,
Sébastien 
Sébastien Riccio
System & Network Admin
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

SmarterTools Licensing InformationGeneral Topics
Securing SmarterMail With Let's EncryptSmarterMail > Installation and Configuration
Slow 250 response after Mail From command is issued during an SMTP session.SmarterMail > Troubleshooting
Set up SmarterMail as an IIS Site (IIS 7.0/7.5)SmarterMail > Server Configuration and Management
Set up Autodiscover for SmarterMailSmarterMail > Installation and Configuration