Hi,
We have a need to implement DKIM for some outbound mail. All of the
mail for this opt-in email campaign is relayed through a separate MTA
(Postfix). This domain also serves non-campaign related mail through a
number of different MTAs in our environment.
We only want to implement/sign DKIM for the opt-in campaign emails going
out the Postfix MTA. So, we generate a public DKIM key, and create a
corresponding public DNS record. We then install a dkim-milter agent on
the Postfix MTA that all of the opt-in campaign mail is relayed through.
This agent signs each email as it traverses the MTA and goes to its
final destination.
My question is, if we do not sign the non campaign email that leaves the
other MTA's in our environment, will this pose a problem for delivery of
these emails? If the DNS record exists, but the MTA is not attaching a
DKIM ID Header to the email as it leaves, will these emails be
potentially denied from ISPs that verify DKIM id's? If Yahoo, or
another ISP that verifies DKIM signatures sees that the message does not
have a DKIM header, but the domain does have DKIM public record in DNS..
will this pose a problem?
Thanks,
Josh
_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops