1 Topic by mindaugas

  • mindaugas
  • Member
  • Offline
  • Registered: 2015-09-14
  • Posts: 16

Topic: How bad is to have DKIM signature enabled, without dns txt record

==== Required information ====
- iRedMail version (check /etc/iredmail-release):
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

How bad is to have DKIM signature enabled, with no  dns txt record suppied?

Is it better not to have signature at all?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,792

Re: How bad is to have DKIM signature enabled, without dns txt record

It's better to sign DKIM signature and public correct public key in DNS record.

How to use signed DKIM signature is totally up to the recipient server, usually SpamAssassin just gives it a low score if signed but invalid (no DNS record or incorrect).