Herr Bischoff

OpenDKIM SSL error:04091068:rsa routines:int_rsa_verify:bad signature

Whenever you run into an issue like that with OpenDKIM and Postfix in your setup, make sure the header_checks directive does not reference something like the following regex anywhere:

/^Mime-Version:/ IGNORE

This of course modifies the message before the DKIM check and will therefore make it fail.