- Newest
- Most votes
- Most comments
I solved this problem as follows:
- In SES settings I disabled DKIM signing for the domain.
- I added the email addresses that I use in WorkMail to the identities (SES settings) and set DKIM signing and a custom MAIL FROM domain for each (same as the one for the main domain).
- I created SMTP credentials in SES and then added those to the "SMTP gateways" tab in WorkMail.
- Then just create a rule in the "Outbound rules" tab for all email addresses to send messages through the selected SMTP gateway.
That's it.
Hi Osvaldo,
Thank you for your suggestions. Unfortunately, nothing with the proposed solutions is possible.
- I haven't found any option/settings to change DKIM signatures.
- There is no such option.
- My DKIMs are set correctly. If I disable DKIM signing, amazonses.com appears in the signatures instead of my domain. However, in this case I can send emails.
- As I wrote, with DKIM signatures disabled in SES you can send emails without any problems.
I have tried sending emails from both Amazon WorkMail Webmail and Outlook. I have experienced the problem with both.
Based on the information available, I understand that Workmail uses SES as the default option for sending and receiving emails.
So if I define and use my own SES SMTP gateway, it will probably insert the DKIM signature information twice in the header.
Any other suggestions?
The error message Duplicate header 'DKIM-Signature
suggests that there are two DKIM-Signature
headers in the email being sent, which is not allowed by the SMTP
protocol. This is not typically related to the region in which your services are located. Here are a few steps you can take to troubleshoot and resolve this issue:
-
Ensure that your email does not include multiple DKIM-Signature headers. This could happen if your email client or server is adding a DKIM-Signature header and Amazon SES is also adding one. -
Double-check your Amazon WorkMail configuration to ensure that it is not adding aDKIM-Signature
header to outgoing emails. If it is, you might need to disable this feature or adjust the settings to prevent duplicate headers. -
Review your Amazon SES configuration to ensure that it is correctly set up for DKIM. Make sure that the DKIM settings in SES are not conflicting with any headers added by your email client or server. -
Try sending a simple test email without any additional headers or customizations.
This can help determine if the issue is with the email content or the configuration of your services.
The fact that both SES and WorkMail are in the same region should not be the cause of this issue. Also you can try to debug this using the SMTP 554 transaction failed post.
Resource:
Can you point to an RFC that states a duplicate DKIM-Signature headers is not allowed? I do not believe that is correct, RFC6376 explicitly states that multiple DKIM signatures are allowed.
Relevant content
- asked 4 years ago
- asked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
You might find this guide helpful for configuring your WorkMail and SES: Link to the guide. It could provide you with more insights into the configuration process.