DKIM section shows verified and enabled in AWS SES console but spam checker tool shows Your message is not signed with DKIM

Question

I am using AWS SES to send emails. My domain is verified. So any sender email under this domain should be allowed. DKIM section shows it's enabled and verified.

• I have added _amazonses TXT record in my domain.
• I also added 3 TXT records in my domain provided by AWS SES for DKIM
• I also added SPF and _dmarc record in my domain

But still when I check my email with www.mail-tester.com then it shows Your message is not signed with DKIM.

but it shows SPF is valid, Your message passed the DMARC test etc. but the only problem with DKIM.

Can anyone help me with this issue?

I am using only one region for SES. But my ec2 server is not in the same region of SES, so far I know I can use in this way as all regions do not have SES support.

another info:

The famous spam filter SpamAssassin. Score: -1.1.

A score below -5 is considered spam.

does this mean my email is spam? I am asking because I am confused minus(-) sign is included in value or its a hyphen to separate the value.

please help.

Answer 1

Please copy paste OPENDKIM and POSTFIX configuration.

Full OPENDKIM config and master.cf from POSTFIX. If other mta is used post configuration on that.

Remember that it may take long time that dns updates on publickey insertion, so don't just try to config and check instantly.

This may help to get idea what publickey is used at that time:

dig TXT mail._domainkey.domain.tld @8.8.8.8

Replace mail._domainkey with your selector