My server is handling mail for several virtual users and domains. The SPF records of the domains state that only the MX server is allowed to send mail (v=spf1 mx -all
) and this MX server is a generic domain, so example.org
and example.com
have mail.example.net
as MX. If I also want to implement DKIM, does each virtual domain needs its key in DNS and each outgoing mail must be signed using the domain's key, or does only the MX need a DKIM key and all outgoing messages, regardless which domain the From
header states, is signed using the MX domain key?
Edit: Just to clarify, mails sent are From: bob@example.org
, From: alice@example.com
but are all sent via the server mail.example.net