Valid DKIM but "body hash did not verify" error on Outlook / Hotmail / Live?
Solution 1
This was an issue with special characters for us. Compare source code or the 'original' email in Gmail vs. source code of the same email in Hotmail and you will find the ones causing DKIM to fail. It was the -- and ' characters for us (encoded with words, not numbers.) It was okay if it is encoded in HTML, but not if it is added as text, and then pasted inside the HTML.
Microsoft is not recognizing them, applying canonicalization, and removing them which is causing the body hash to not verify.
Solution 2
I am using PHPMailer and I had the same issue where my DKIM keys were functional in testing and then starting failing in production. It turned out that my production code was inserting a space at the end of the $body variable that was being fed into $mail-> Body = $body and this was causing my body hash did not verify error.
Persson
Updated on September 18, 2022Comments
-
Persson almost 2 years
Why do I get dkim=fail (body hash did not verify) on Outlook / Hotmail / Live when I have a valid DKIM setup in place?
I've made sure that my SPF, DKIM, DMARC records are set up correctly and the DKIM record on my domain matches my servers DKIM key.
When sending emails from my domain to Google etc, I get SPF = Pass, DKIM = Pass, DMARC = Pass and it's over a secure connection. All good.
When sending to Outlook.com with the same config I get the error: dkim=fail (body hash did not verify). Why ?
Does anyone have an idea why that is?
I'm using Postfix on Debian 9 with SpamAssassin.
My DNS records are old, it's not because of DNS propagation.
I'm using Thunderbird as a client to send emails.-
Admin over 5 yearsPlease let me know if you need more information.
-
-
Jan Ehrhardt about 3 yearsThanks. In my case the 'ë' was causing the trouble in the HTML part of the body. I replaced it with a 'ë' and got a 'dkim=pass'.
