Thanks for the link. They don't require it though, according to the doc,
they don't even enforce it for gmail when using it with own domains.
It's certainly a good practice, though, that's true.
On Sat, Sep 09, 2023 at 01:54:48PM +0900, Pontus Stenetorp wrote:
On Sat 09 Sep 2023, Stuart Longland wrote:
On 9/9/23 01:28, Tassilo Philipp wrote:
[...] I didn't bother with DKIM until Google started mandating
it for example [...[
Hm... do you have a reference for that? I don't have that
experience with gmail servers. Also I don't find info about that
being mandatory, online.
https://support.google.com/a/answer/174124?hl=en#hcfe-content
Sadly, I don't have any log messages to show, because I last had the
problem in May 2021, and my log retention does not go back that far.
At least from my experience and from reading Google's documentation, Google
does not *require* both DKIM and SPF, but has since late 2022 or early 2023
started to randomly reject e-mails that has *neither*:
550-5.7.26 This mail is unauthenticated, which poses a security risk to
the sender and Gmail users, and has been blocked. The sender must authenticate
with at least one of SPF or DKIM. For this message, DKIM checks did not pass
and SPF check for [example.com] did not pass with ip: [127.0.0.1]. The sender
should visit https://support.google.com/mail/answer/81126#authentication for
instructions on setting up authentication.
I doubt that DKIM ever hurts though if you have it set up.