domainname setting q?

From: James Cloos <>
Date: Wed, 11 Sep 2013 13:20:22 -0400

For hosts which only ever send mail with from addresses _at_ their own
hostname, should that hostname be used as the dkim domainname?

Ie, given the zone, an existing dkim record for (which is used for mail sent from
any addresses) and a host named
where is a terminal record in the zone, is it
best to use with t=s for mail sent
directly by with from addresses?

Or is it better to leave terminal, and use w/o t=s for the dkim rr?

Part of the question is whether there is value in ensuring that non-apex
hostnames are terminal in the zone. And, if so, whether that outweighs
the value of limiting a given dkim key pair to a specific _at_host.

James Cloos <>         OpenPGP: 1024D/ED7DAEA6
Received on Wed Sep 11 2013 - 17:22:24 PST

This archive was generated by hypermail 2.3.0 : Wed Sep 11 2013 - 17:36:01 PST