DKIM Works Fine But Should I Use It For Incoming?

#1 Thu, 02/27/2014 - 08:44
webwzrd

I decided to give DKIM another try last week. Unlike the first time I tried to use it a while back, it was completely effortless to enable and it seems to be working great.

However, the question is: is it really ready for prime time to be checking/rejecting incoming email with it? I'm starting to get complaints from clients that a small number of people sending them mail are getting bounce-backs, and the logs clearly show they didn't pass the DKIM check.

What's the general consensus here: try to educate my clients to pass on the word for everyone to use DKIM, or disable incoming checks?

Thu, 02/27/2014 - 12:47
lp86

I have also experimented with using DKIM for some of my domains. My theory for both DKIM and SPF is, if you have enabled it, but something isn't configured correctly, then your mail should be bounced. Also a big issue with both DKIM and SPF is making sure you have everything covered as far as signing all mail for the domain, and making sure you know where mail is coming from for the domain.

Of the two, I prefer to use SPF, as it is the more effective. Once I am 100% sure I have configured the record to encompass all senders, then I set it from Neutral (?) to Fail (-).

Thu, 02/27/2014 - 13:06 (Reply to #2)
webwzrd

I have every reason to believe DKIM is working perfectly. It just appears that too many other mail servers aren't using DKIM signing, so I'm rejecting valid email as well as spam.

It's looking like it's not a good idea to have "Reject incoming email with invalid DKIM signature?" set to yes, so I have now disabled it.

However, the default was set to "Yes", which I took as the suggested preference. I'm thinking now the default should probably be "No".

Brian

Thu, 02/27/2014 - 13:15
lp86

If you have DKIM or SPF set up incorrectly, your mail should be bounced. There is no excuse to have broken DKIM/SPF running.

That setting only rejects mail with an invalid signature; it doesn't reject mail without DKIM. Yes is a good default.

Thu, 02/27/2014 - 13:46 (Reply to #4)
webwzrd

Ahhh, well, that changes everything then, doesn't it?

What does it mean when the reject notice reads:

Feb 23 13:10:13 secure postfix/cleanup[23508]: 5AEAD1528D91: milter-reject: END-OF-MESSAGE from cp3.worldpath.net[64.140.224.214]: 4.7.1 Service unavailable - try again later;
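
An added example, not part of the original thread: one way to triage Postfix `milter-reject` lines like the one quoted above is by the class digit of the enhanced status code, since 4.x.x is a transient failure the sending server retries and 5.x.x is a permanent failure reported back as a bounce. The function names and the second and third sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Sample input: the first line is the one quoted in the thread; the other two
# are constructed (documentation IP ranges) to show the contrasting cases.
SAMPLE_LOG = """\
Feb 23 13:10:13 secure postfix/cleanup[23508]: 5AEAD1528D91: milter-reject: END-OF-MESSAGE from cp3.worldpath.net[64.140.224.214]: 4.7.1 Service unavailable - try again later;
Feb 23 13:12:40 secure postfix/cleanup[23511]: 6B01C1528D92: milter-reject: END-OF-MESSAGE from mail.example.org[192.0.2.10]: 5.7.1 Command rejected;
Feb 23 13:15:02 secure postfix/smtpd[23520]: connect from mail.example.net[198.51.100.7]
"""

# queue id, milter stage, client host[ip], enhanced status code, reply text
MILTER_REJECT = re.compile(
    r"postfix/\w+\[\d+\]: (?P<queue_id>[0-9A-Za-z]+): milter-reject: "
    r"(?P<stage>\S+) from (?P<host>\S+)\[(?P<ip>[^\]]+)\]: "
    r"(?P<dsn>[245]\.\d{1,3}\.\d{1,3}) (?P<text>[^;]*)"
)

# Class digit of the enhanced status code (RFC 3463).
KIND_BY_CLASS = {"4": "transient", "5": "permanent"}


def parse_milter_rejects(log_text):
    """Return one dict per milter-reject line; other log lines are skipped."""
    events = []
    for line in log_text.splitlines():
        match = MILTER_REJECT.search(line)
        if not match:
            continue
        event = match.groupdict()
        event["text"] = event["text"].strip()
        event["kind"] = KIND_BY_CLASS.get(event["dsn"][0], "other")
        events.append(event)
    return events


def summarize(events):
    """Count rejections per (client IP, transient/permanent) pair."""
    return Counter((e["ip"], e["kind"]) for e in events)


if __name__ == "__main__":
    for (ip, kind), count in sorted(summarize(parse_milter_rejects(SAMPLE_LOG)).items()):
        print(f"{ip:15} {kind:9} {count}")
```
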
