10

We are considering implementing DKIM, the pros seem pretty obvious. Are there any cons?

I know this is a bit vague and possibly subjective so I will accept what seems to me to be the most complete answer when 24 hours have transpired with no new answers/comments.

Aaron Bush
  • 237
  • 1
  • 2
  • 10

1 Answers1

8

Incorrect implementation leading to rejected mail is the only pitfall I can think of (or slow DNS propagation causing trouble: Make sure to publish your DNS record with the key a few days before you start sending DKIM-signed mail to avoid that).

If your DomainKeys/DKIM setup is correct I don't think it can cause any problems since if the receiving end doesn't recognize the DKIM header in the email it will just ignore it like any other "noise header".

voretaq7
  • 79,345
  • 17
  • 128
  • 213
  • 3
    I agree with everything said here. The biggest pitfall is incorrect implementation. I'd also recommend doing SPF records while you are at it. – Dave Holland Feb 10 '10 at 00:39
  • 1
    +1 For DNS Propagation, hadn't thought of that. – Aaron Bush Feb 10 '10 at 15:24
  • Surely you need to do this in 2 steps? If your domain says that all mail must be signed before you start sending out emails then you'll also have problems. You'll need to add the keys to DNS, wait 48 hours, start signing emails and then modify DNS to make it required. – Matthew Steeples Oct 03 '12 at 18:56