Just spend a couple hours figuring out DKIM integration on my OSX Mountain Lion mail server. It was relatively easy to setup. I got the DNS records in place and all that is looking good. It makes me wonder though, how many folks running mail servers are actually signing things with DKIM?
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Navigation
Install the app
How to install the app on iOS
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
More options
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
DKIM, who is using it?
- Thread starter Arch
- Start date
the_servicer
2[H]4U
- Joined
- Aug 16, 2013
- Messages
- 2,094
Does this relate to Sender Policy Framework in any way? I want to learn more about that stuff.
I was using it for a couple of years. I've stopped running my own mail server for my domain now, though, so it no longer applies. I was using both Domainkeys and DKIM (I think I remember the two correctly) and have had SPF configured for a few years too.
I know that gmail will enforce it all. Not sure about any of the other major providers though.
I know that gmail will enforce it all. Not sure about any of the other major providers though.
Christopher
Gawd
- Joined
- Sep 16, 2002
- Messages
- 634
I use DKIM and SPF records on my personal mail server.
Also, Google uses DKIM on their gmail service. If gmail recieves a valid DKIM signed message it will show up in gmail with a "signed by" header that the user can inspect if they so wish.
Also, Google uses DKIM on their gmail service. If gmail recieves a valid DKIM signed message it will show up in gmail with a "signed by" header that the user can inspect if they so wish.
RocketTech
2[H]4U
- Joined
- Oct 7, 2009
- Messages
- 2,359
SPF is the big one in my experience. Then you have fine organizations like Go-Daddy, Comcast, ATT, etc that block entire ranges of IP addresses because they are sold to small business as Static. GoDaddy is the worst in my experience, with ATT being a close second. I'd have to submit IPs to GoDaddy every couple of months for unblocking, with a completely clean record on every spam list- the only flag was they were in a block of addresses supplied by an ISP.
The policy block-list is a pain in the ass. If you're hosting locally the best bet is to relay through your ISP's SMTP server. The PBL contains static / dynamic IPs for a bunch of service providers, even if their TOS doesn't prohibit servers (i.e. TWC). It's just easier to use the ISP's SMTP rather than send the email directly. That should save you some grief.