On Sat 09 Sep 2023, Stuart Longland wrote:
> On 9/9/23 01:28, Tassilo Philipp wrote:
> > > [...] I didn't bother with DKIM until Google started mandating
> > > it for example [...[
> >
> > Hm... do you have a reference for that? I don't have that
> > experience with gmail servers. Also I don't find info about that
> > being mandatory, online.
>
> https://support.google.com/a/answer/174124?hl=en#hcfe-content
>
> Sadly, I don't have any log messages to show, because I last had the
> problem in May 2021, and my log retention does not go back that far.
At least from my experience and from reading Google's documentation, Google
does not *require* both DKIM and SPF, but has since late 2022 or early 2023
started to randomly reject e-mails that has *neither*:
550-5.7.26 This mail is unauthenticated, which poses a security risk to
the sender and Gmail users, and has been blocked. The sender must authenticate
with at least one of SPF or DKIM. For this message, DKIM checks did not pass
and SPF check for [example.com] did not pass with ip: [127.0.0.1]. The sender
should visit https://support.google.com/mail/answer/81126#authentication for
instructions on setting up authentication.
I doubt that DKIM ever hurts though if you have it set up.
