[FIXED] What happens when an old email is forwarded but the original public DKIM key that was used to check the signature has changed in the DNS settings?

Issue

What will happen on the receiving email server when it gets the forwarded email? I assume it will want to check the signature but it will think the signature is invalid. In what folder will the email land, in the inbox or in the spam folder?

Solution

I think I forgot the fact that there are two kinds of forwarding:

1. The first one is the automatic forwarding. This happens ideally pretty quickly. So before changing the DKIM public key we should wait some time or some days to allow the already signed messages to reach their destination.

2. The second one is the manual forwarding. In this case the forwarded message will be signed again with a completely new signature, with the forwarder's private key. It does not matter if the DKIM public key of the original sender has changed.

Answered By - pepe

Answer Checked By - Terry (PHPFixing Volunteer)