Since we don't seem to handle your inbound mail flow for that domain, I actually think you may want to just send mail out using easydns' outbound systems. Presumably that's all well integrated on their end and you won't have to deal with adding any records and so on. If for some reason that isn't possible we can probably make something work for you but I'll be honest that I'd recommend against it. You're better of not relying on that kind of one-off config provided by us in the long term - the mechanisms to support it are in place, however.dhwalker wrote: ↑Wed Jan 10, 2024 1:19 pm I have created net23._domainkey.walkerstreet.info as a CNAME pointing to net23._domainkey.sonic.net. I've also created dmarc.walkerstreet.info as a TXT containing "v=DMARC1; p=none; rua=mailto:admin@walkerstreet.info;" I've had an SPF record in place for several years.
Questions
- I'm not seeing DKIM signatures in my outgoing mail. Do I need to do something to request that Sonic does that? I notice that kgc said "I'd actually suggest that you have us become your MX server which would get your domain into our backend systems in a way that would allow it to be signed provided the proper DNS records were also added at your registrar" on 1/4/2024, but I'm not sure what that means in this context. I can certainly create an MX record for walkerstreet.info that points to mail.sonic.net (if that would be the correct destination), but I'm not sure how Sonic would be notified that I had done that.
- Do we know if net23 is always the correct DKIM selector to use? It'd be good to have Sonic confirm that.
That said, in cases where we don't control DNS, yes, you will need to inform us that the records in place. We don't have an official procedure in place yet and I'm working on some config management tools now that will generally add and remove the configs for domains we handle inbound flow for from the DKIM signing based on the presence of the correct DNS records. In the meantime, an email to support stating that you've added the CNAME records and would like us to start signing your domain should be sufficient to kick it off.
Regarding the selector, net23 is correct now. We have no determined a policy or procedure for migrating to a new selector yet but it would clearly involve notice to customers responsible for maintaining their own DNS records.