I have a postfix/amavis relay server, with the domain name mail.example.com. It will be a relay for dozens of VPS's, which will have domains like hostname.example.net.
So i have actually two questions. Is it possible to use dkim to sign the mails originating from the VPS's over the postfix relay on the relay server? Or have the mails to be signed on the VPS's where they are actually from?
Would an amavis configuration like this be ok?
# DKIM key
dkim_key('example.com', 'dkim', '/var/dkim/DKIMkey.pem');
# Cover subdomains in @dkim_signature_options_bysender_maps= ():
@dkim_signature_options_bysender_maps = ( {
# Cover subdomains example.net.
'.example.net' => { d => 'example.com' },
});
Or have I misunderstood the whole concept? Do I even need to sign subdomains if they are going over an relay server, or is it enough to just sign the relay server domain?