Hi, We have a need to implement DKIM for some outbound mail. All of the mail for this opt-in email campaign is relayed through a separate MTA (Postfix). This domain also serves non-campaign related mail through a number of different MTAs in our environment.
We only want to implement/sign DKIM for the opt-in campaign emails going out the Postfix MTA. So, we generate a public DKIM key, and create a corresponding public DNS record. We then install a dkim-milter agent on the Postfix MTA that all of the opt-in campaign mail is relayed through. This agent signs each email as it traverses the MTA and goes to its final destination. My question is, if we do not sign the non campaign email that leaves the other MTA's in our environment, will this pose a problem for delivery of these emails? If the DNS record exists, but the MTA is not attaching a DKIM ID Header to the email as it leaves, will these emails be potentially denied from ISPs that verify DKIM id's? If Yahoo, or another ISP that verifies DKIM signatures sees that the message does not have a DKIM header, but the domain does have DKIM public record in DNS.. will this pose a problem? Thanks, Josh _______________________________________________ dkim-ops mailing list [email protected] http://mipassoc.org/mailman/listinfo/dkim-ops
