I know just enough about DKIM to be very dangerous... so bear with me
here...
I am still struggling with mail I send being bounced. In the interim to
protect my clients, I configured some of my tomcat apps to use Amazon's
SES (SMTP) service bypassing my JAMES server. I analyzed the mail sent
via AWS just to see what might be different. One thing I see is TWO
DKIM signatures... one for the "from" domain of the email and another
for the sending host domain "amazonaws.com".
I have had JAMES configured with DKIM for years. But all I have is a
DKIM signature for my main server domain and not for each individual
sending domain. mail-tester.com hasn't complained. But again, mail is
bouncing from some domains like icloud.com, outlook.com, etc. So
"something" is still wrong.... Everything is on the table as possibly
flawed right now.
So what is the 'right' way to do DKIM? I am going to assume that if AWS
is signing for both the virtual domain and the sending server domain,
that's probably a good thing. But I don't see a way in the JAMES DKIM
mailet to add a second signature for the sending virtual host domain.
Am I missing something? Is my DKIM fine with only signing the basic
server? Should I continue to look elsewhere for my problems? Or should
I do additional work to start signing the virtual sending domain as well?
Thx
Jerry
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
For additional commands, e-mail: server-user-h...@james.apache.org
