Ideal DKIM settings when using external relay?
-
I am currently using the Cloudron mail server for incoming mail and set the outgoing SMTP to use Amazon SES. It works very well, and the SPF, DKIM, and DMARC settings are all working.
When checking headers on mail sent from my domain (through SES), I notice the following:
- 2 dkim=pass results. Both of these match headers of the Amazon DKIM CNAME records (Amazon provides 3 of them, and it always checks 2 of them).
- 1 dim=fail result for the cloudron header, which was initially set when first setting up the email server (before adding the external relay).
I attempted removing the cloudron header DKIM TXT record, and it resulted in a dkim temporary error as it was still expecting a signed DKIM result.
The emails are getting delivered just fine (including to Google and Microsoft accounts), so I think the settings aren't hurting anything.
But I'm wondering what the best setting is when choosing to use the DKIM records for the external relay? After setting it up, I noticed the Cloudron docs for Amazon SES suggests not using the DKIM settings for AWS and to simply rely on the Cloudron ones. However, I don't remember that being an option when I initially set up my domain in AWS SES.
Thanks!
