Welcome to the mailbox user forum
You're failing GMail DKIM as "No valid DKIM" in Authentication-Results header
Published
Apparently in an attempt to address this https://userforum-en.mailbox.org/topic/2301-inconsistent-authentication-results-of-mailbox-servers-seems-potentially-risky you're now failing GMail/Google Mail via an "No Valid DKIM" line in Authentication-Results despite DKIM being present. Furthermore, there is no dkim=... entry at all in the Authentication-Results header anymore, only a dmarc=... entry. For a missing DKIM there should be dkim=none or similar. This seems like quite a mess. Also, it says "incoming_mbo" instead of a proper "something.mailbox.org" server name clients can trust.
I hope this can be fixed timely, it makes filtering malicious e-mail almost impossible based on this header.
The same problem 
No connection
Real-time notifications may not work
It would be nice if this didn't take weeks to fix. Do you have a beta program where such issues can be reported early?
It would be nice if this didn't take weeks to fix. Do you have a beta program where such issues can be reported early?
Is this still happening?
Is this still happening?
DKIM has been broken for a month now...
DKIM has been broken for a month now...
Is this fixed by now?
Is this fixed by now?
I've started a similar thread in the German forum. However, my problem has been ongoing since June 2025.
https://userforum.mailbox.org/topic/12271-mails-mit-eigener-domain-sehr-haufig-ohne-dkim-signatur
I've started a similar thread in the German forum. However, my problem has been ongoing since June 2025.
https://userforum.mailbox.org/topic/12271-mails-mit-eigener-domain-sehr-haufig-ohne-dkim-signatur
Oh, sorry, then there is probable no dependency between the two problems.
Oh, sorry, then there is probable no dependency between the two problems.
Dear Mailbox team,
Could you perhaps properly verify that this is a problem on your end? The steps are as follows:
1. SIgn up for gmail twice
2. Set up the one gmail address to forward to the other, and make the other one forward to a mailbox address.
3. Write any mail to the twice forwarded address.
4. Check the incoming mail in the mailbox.org inbox.
The incoming mail should:
1. show up as either a valid signature with this checker if you paste the source, https://www.appmaildev.com/en/dkimfile or it should show up as expired but no cryptographic mismatch.
2. the mailbox server will set the Authentication-Results header with likely the following problems: a.) the hostname will be "incoming_mbo" and not "something.mailbox.org" making identifying the trusted header difficult for downstream tools. And b.) the dkim= entry in the Authentication-Results header will either say invalid or it will be missing. And c.) the dmarc= header wilil likely indicate an invalid DKIM signature even though the third-party tool you just used claims there's a valid signature, whether expired or not.
Support keeps reverting to the position that this somehow not a problem on mailbox.org's side, even though this used to work correctly. Could you please verify with above steps that this is a mailbox.org problem? Thank you. It's been a couple of months back and forth, almost half a year with basic DKIM having issues, and this doesn't really seem productive. It seems like most things I say get lost again in later e-mails with the team. My apologies for where that is due to my suboptimal communication.
Regards,
Dear Mailbox team,
Could you perhaps properly verify that this is a problem on your end? The steps are as follows:
1. SIgn up for gmail twice
2. Set up the one gmail address to forward to the other, and make the other one forward to a mailbox address.
3. Write any mail to the twice forwarded address.
4. Check the incoming mail in the mailbox.org inbox.
The incoming mail should:
1. show up as either a valid signature with this checker if you paste the source, https://www.appmaildev.com/en/dkimfile or it should show up as expired but no cryptographic mismatch.
2. the mailbox server will set the Authentication-Results header with likely the following problems: a.) the hostname will be "incoming_mbo" and not "something.mailbox.org" making identifying the trusted header difficult for downstream tools. And b.) the dkim= entry in the Authentication-Results header will either say invalid or it will be missing. And c.) the dmarc= header wilil likely indicate an invalid DKIM signature even though the third-party tool you just used claims there's a valid signature, whether expired or not.
Support keeps reverting to the position that this somehow not a problem on mailbox.org's side, even though this used to work correctly. Could you please verify with above steps that this is a mailbox.org problem? Thank you. It's been a couple of months back and forth, almost half a year with basic DKIM having issues, and this doesn't really seem productive. It seems like most things I say get lost again in later e-mails with the team. My apologies for where that is due to my suboptimal communication.
Regards,
Replies have been locked on this page!