4

I'm working on getting DKIM installed on my outgoing mail server, to help my email deliverability to my Yahoo clients (all legit emails, etc, no spamming).

I've got DKIM-Signature: and DomainKey-Signature: headers being generated, but a test mailer to my Yahoo account had this line in the headers:

Authentication-Results: mta250.mail.re2.yahoo.com from=example.com; domainkeys=permerror (no key); from=example.com; dkim=permerror (no key)

Any ideas what I may have missed?

Ian
  • 1,488
  • 4
  • 26
  • 32

1 Answers1

2

You do not have the proper dns records set up.

You can test it youself with policy checker and selector checker. Here is a good tutorial for setting the right records. and also and online form for doing the same. It seems that you have SPF records. You should definitely remove them! Here is a case against spf.

cstamas
  • 6,607
  • 24
  • 42
  • my primary use for spf is delivering email to gmail.com. is there an alternative? does gmail support dkim? – Ian Jun 03 '09 at 20:44
  • 1
    yes gmail supports dkim – cstamas Jun 04 '09 at 08:05
  • so basically DKIM can be seen as a non-bad replacement for spf? – Ian Jun 04 '09 at 22:37
  • 1
    Yes something like that. – cstamas Jun 04 '09 at 22:41
  • 1
    Certain big ESPs (like Hotmail) still use SPF and not DKIM, so I wouldn't suggest removing it. – user5401 Jun 09 '09 at 14:12
  • You need to support SPF, DKIM and DomainKeys they are all really needed. Google/Hotmail use DKIM, Yahoo uses DomainKeys and many others use SPF. There is no reason not to use all three. – Dan Nov 17 '09 at 13:47
  • @Dan you should really read the link in my answer. http://homepages.tesco.net/J.deBoynePollard/FGA/smtp-spf-is-harmful.html – cstamas Dec 07 '09 at 13:26
  • I've had to remove the link from this post as it has gone dead. This is why we ask people to include the relevant parts of their links in the post body. – Mark Henderson Nov 19 '12 at 20:37
  • @MarkHenderson it is just too long. The article describes properly the issue and it was not the main question here. Otherwise thanks! readded a proper link as I found its new location with google. – cstamas Nov 23 '12 at 14:28
  • 2
    @cstamas: that article you refer to is severely outdated, written when there was still some debate about whether or not to use SPF. None of the reasons given by Mr. Pollard have stood the test of time, and SPF is a perfectly valid tool advocated by the majority of major email systems. – Mixologic Dec 19 '12 at 16:52
  • @Mixologic with all due respect I disagree with that. – cstamas Dec 20 '12 at 10:27