On 2023-10-28 Larry Doolittle <la...@doolittle.boa.org> wrote: > Andreas -
> On Mon, Oct 16, 2023 at 10:53:17AM -0700, Larry Doolittle wrote: > > My use case is being stuck behind an ISP's firewall, > > so the smarthost is supplied by the ISP. When the ISP > > delivers the mail to gmail, google needs some indication > > that the mail I sent is really from me. That's where DKIM comes in. > > I _am_ me, so I can make my exim MTA "sign" the message with DKIM > > on its way to the smarthost. > And to complete the story, my ISP's smarthost _isn't_ me, and its > smarthost therefore not qualified/authorized/entrusted-with-the-domainkey > and _can_not_ add the DKIM headers itself. > Are you convinced? Is further discussion needed? Just to be clear: You have got a domain but lack both control of a machine that is not blocked from accessing outgoing port 25 (and could deliver) and the domain package does also lack a smarthost for that domain that would apply a dkim signature? cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure'