Hi,
I have been (finally!) looking at setting up DKIM on my outgoing exim
relay.
It is set up to handle several domains for incoming and outgoing mail.
I have been trying to find good resources for how DKIM is commonly deployed
on The Internet: all the DKIM RFCs and early guides seem to shift almost
all of the policy decisions to the implementors and documentation from them
seems to be sparse or confusing!
It seems to me that the DKIM signing domain (the d= field in the DKIM
header) is the "reputation" that becomes associated to the domain and
doesn't have to correspond to the actual domain in the From: address or
other headers or the SMTP greetings.
https://support.google.com/a/answer/174124?hl=en
Seems to support this, saying "If you don't generate your own DKIM domain
key, Gmail signs all outgoing messages with this default DKIM domain key:
d=*.gappssmtp.com"
So, my question is, what should I use in the d= field for my server?
I have a low enough volume that Google Postmaster tools won't tell me
anything about my domain.
Should I use "my" domain and associate that reputation with all outgoing
mail across all domains in the hope that it will earn me a good reputation
by aggregating all my volume into one place?
...or should I use the domain of the sender of the eMail and generate a
DKIM key for each of them and let them accrue their own reputations that
they can take with them if they decide to host elsewhere in the future?
Thanks for any tips you can give me about the best course of action and how
my DKIM signatures will be interpreted by the current common receiving
implementations.
Best wishes,
@ndy
--
andyjpb@???
http://www.ashurst.eu.org/
0x7EBA75FF