On Fri, 27 Dec 2019 at 16:50, Jerry Malcolm <techst...@malcolms.com> wrote:
> I know just enough about DKIM to be very dangerous... so bear with me > here... > > I am still struggling with mail I send being bounced. In the interim to > protect my clients, I configured some of my tomcat apps to use Amazon's > SES (SMTP) service bypassing my JAMES server. I analyzed the mail sent > via AWS just to see what might be different. One thing I see is TWO > DKIM signatures... one for the "from" domain of the email and another > for the sending host domain "amazonaws.com". > > I have had JAMES configured with DKIM for years. But all I have is a > DKIM signature for my main server domain and not for each individual > sending domain. mail-tester.com hasn't complained. But again, mail is > bouncing from some domains like icloud.com, outlook.com, etc. So > "something" is still wrong.... Everything is on the table as possibly > flawed right now. > > So what is the 'right' way to do DKIM? I am going to assume that if AWS > is signing for both the virtual domain and the sending server domain, > that's probably a good thing. But I don't see a way in the JAMES DKIM > mailet to add a second signature for the sending virtual host domain. > > Am I missing something? Is my DKIM fine with only signing the basic > server? Should I continue to look elsewhere for my problems? Or should > I do additional work to start signing the virtual sending domain as well? > > Thx > > Jerry > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > For additional commands, e-mail: server-user-h...@james.apache.org > > FYI My gmail client, RED flagged your message as suspicious. So I diligently read the content, then clicked the "it's safe" button. Otherwise I can't help. HTH Peter. -- Peter Henderson
