Solk Maaker:
If user sends mail from domain1 (virtual domain) to domain2 (virtual domain) in same machine, mail is signed but signature is not verified - not OK.
From DKIM's perspective it really makes no sense to validate a signature generated by yourself.
( How often do you check your own identity card to prove that you are you? ) But I assume your problem is consistent behaviour. If that is the point you have to split mail flows: * separate system signing all submitted messages * separate system validating any inbound messages. Andreas
