I'm doing some research in how to setup DKIM for the company I work for. We are an email service provider and we use two c350d appliances (AsyncOS for Email Security 7.0) to sent out bulk email (permission based, opt in) for our clients. My question is about a 'DKIM for ESP configuration'. Hope you can point me in a good direction.
I have a few clients for who we setup DKIM to sign message headers and this works fine. But, it's a big operation to get all (about 300) of our clients to have them place a txt record into their DNS and also it's hard to join feedback loops who require DKIM to join. For every client we need to set it up.
So, I've looked around and read some articles, and I think we can sign our outbound messages and use the domain of our Return-path.
Any idea how to set this up using the domain profiles?
This is an example I found in my inbox from one of our appreciated fellow esp colleagues, and I hope we can do this too:
Received: by 10.216.172.143 with SMTP id t15cs126974wel;
Wed, 28 Apr 2010 06:04:34 -0700 (PDT)
Received: by 10.216.88.148 with SMTP id a20mr4793541wef.124.1272459873705;
Wed, 28 Apr 2010 06:04:33 -0700 (PDT)
Return-Path: <[email protected]>
Received: from xxx (mta010.esp.com [xxx.xxxx.xxx])
by mx.google.com with ESMTP id z13si5329866wbd.37.2010.04.28.06.04.32;
Wed, 28 Apr 2010 06:04:32 -0700 (PDT)
Received-SPF: pass (google.com: domain of [email protected] designates xxx.xxx.xxx.xxx as permitted sender) client-ip=18.104.22.168;
dkim=pass [email protected]
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; s=sel001; d=esp.com;
When I setup a domain profile for our bounce domain, I cannot have users from a different 'From' domain attached to the profile. This keeps the mail sent out by our clients from being signed.
Thank you, hope I made this a little bit to understand for you guys.