Emails sent from the Outlook client fail to pass “DKIM Signature Body Hash”. While Emails sent from outlook.office.com pass the hash check. All other DKIM and SPF checks pass for both the client and OWA. All this is according to mxtoolbox’s Analyze header.
But, viewing the header in gmail, it says DMARC, DKIM, and SPF all pass, with 0 issues. Should I be concerned? Also, if it is a problem, what steps do I need to take to remedy this issue?
What email server are the Outlook clients connected to? If they are using outlook.office.com, then you shouldn’t be seeing any issue unless the flow is incorrect. If they are connect to a different server, then you may have to install/setup DKIM signing on that server.
There can be multiple possible reasons for this and all is depended on how your infrastructure is setup.
Case a) Outlook uses direct SMTP server for outbound emails. Depending on the settings of that server there might not be a valid SPF or DKIM header.
Case b) Outlook uses O365, O365 is setup to use the standard DKIM signing setup of onmicrosoft selectors and your email gateway signs it again.
Case c) another routing case not covered here using relay which will break SPF and in some cases even DKIM.
-Marc
We’ve been using Sigsync Office 365 email Signature for a number of years. I like it. It grabs all of the user data from our Active Directory. We use it for branding, advertising, and disclaimers. It is very reliable and easy to use. I’ve been able to set up a single signature for an entire organization. If your comfortable making the signatures in HTML I would recommend that.