> Or is there some criteria to determine which domain name
> should have the DKIM signature? Is there a penalty score if one or
> the other is missing?
It's doesn't make much difference, unless there's a whitelist involved.
On 24.09.20 08:54, Alan Hodgson wrote:
If you publish a DMARC record, DMARC requires that the DKIM signing domain be
aligned with the From: header domain in order to pass. SA doesn't currently
check DMARC I don't think but lots of other receivers do.
It's not necessary if the SPF passes just for completeness.
It's of course better to have mail signed by matching domain.
And even if you don't want to publish DMARC records now it's probably best
practice to sign with the organizational domain of the From: header. A DKIM
signature from an unrelated domain doesn't really say anything except that the
message wasn't altered in transit.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
WinError #98652: Operation completed successfully.
