DKIM Signing advise needed please
Question asked by Debby Coutinho - June 23, 2016 at 2:35 PM
Unanswered
Hi,
 
Maybe there is someone here that can clarify something for me please. We want to send out some bulk mails for customers, basically we have an application that generates the emails and uses a delivery domain to send the mails out as bounce@domain1.com, but the "from" address is the clients domain, ie newsletters@domain2.com. 
 
  1. We setup a free version of smartermail on a server, with the 1st domain,  domain1.com and a user called bounce@domain1.com, which the app authenticates and sends the mails via this user account.
  2. We added DKIM signing to this domain, and if we send from this domain everything works and gets signed, etc and is 100% OK.
     
  3. When we send out via the app, the mail is not signed. This I assume is because the domain itself is not enabled/created on this server. 
     
  4. I read this article (blogs.msdn.microsoft.com/tzink/2013/04/27/how-to-setup-dmarc-records-if-you-are-outsourcing-some-or-all-of-your-email-part-1) regarding setting up dkim if you outsource your email sending. there are a few ways of setting this up, where the client can publish records and give the public key to the sender, or the sender can publish rules and give to the client, etc. 
 
Can you advise me on the following
  • can emails be signed sending out this way, where there is only the "delivery domain" on the server ?
  • does the mail sending app need to sign the emails ?
  • Can the dkim signing be setup on the sending domain, ie selectors, with the public key from the clients domains, where the server will be able to sign the emails using these keys for the clients domain ?
  • What would be the best approach to achieve this where the emails can be sent from the customers domain and DKIM signed, the spf records are not an issue, we have included our ip in the clients spf record, but the dkim signing has me snookered :-)
 
Any help would be appreciated.

1 Reply

Reply to Thread
0
See this post you need to setup domain 2 as an alias then add the domain key TXT record to domain 2 DNS (same one as you have for Domain 1:

Reply to Thread