For organization we setup a _domainkey.domain.com as a separate zone instead of creating all our DKIM records on our root domain zone domain.com.
As a result the nameservers for _domainkey.domain.com and domain.com are different.
Is this acceptable?
Numerous ESP's are validating our DKIM setup correctly. One major ESP is not validating and they are saying it's because the nameservers for _domainkey.domain.com and domain.com must be the same in order for mail providers to pass the DKIM authentication. Yet when we send a test to Gmail it does pass DKIM.
Is this company wrong? Or can you host the two on different nameservers?