On 12/12/11 10:50 PM, SM wrote: > At 07:15 12-12-2011, Anthony Piccione wrote: >> We have DKIM set up and working on our primary domain and would now >> like to have another domain setup for use in sending emails. >> For DKIM to also work on this second domain: >> 1) Does the second domain need to resolve to the same IP address as the >> first? > No, DKIM is not tied tied to an IP address. > >> 2) Do we need a separate txt record created for the second domain? > Yes, if you are using more than one domain for DKIM signing the > messages you send. Not entirely.
When DKIM is to obtaining greater acceptance or impose stricter acceptance policies, an Author-Domain signature should be used where practical. Exceptions might be made for Parent Domain signatures, but such exceptions would not be in compliance with ADSP. When a parent domain is deemed adequate to protect against intra-domain spoofing, then just a parent domain signature can be used. This means a single DKIM public key record could be applied against several sub-domains. When there is no immediate relationship with that of the Author-Domain, a single signature could be used for all email signed. A mailing-list could be such a case. It would be possible for each individual domain to then separately authorize this single signature within a single ATPS transaction. -Doug _______________________________________________ dkim-ops mailing list [email protected] http://mipassoc.org/mailman/listinfo/dkim-ops
