DKIM signing per domain

[lodex]

We are currently evaluating PMG as a gateway for a Zimbra instance, designed to serve >32 domains in its final form. Currently, Zimbra signs every domain with a seperate key and we would like to let PMG do the DKIM signing in the future. However, currently PMG supports only one key for all domains. Before opening a feature request in Bugzilla, is there any obvious reason against implementing a feature to allow configuration of DKIM keys/selectors per domain?

 

[Stoiko Ivanov]

We are currently evaluating PMG as a gateway for a Zimbra instance, designed to serve >32 domains in its final form. Currently, Zimbra signs every domain with a seperate key and we would like to let PMG do the DKIM signing in the future. However, currently PMG supports only one key for all domains. Before opening a feature request in Bugzilla, is there any obvious reason against implementing a feature to allow configuration of DKIM keys/selectors per domain?

see https://bugzilla.proxmox.com/show_bug.cgi?id=3328

I currently don't really see the need for this - the signing instance is PMG - why should it need to identify by more than one public key?

 

[lodex]

I guess it comes down to convenience and minimizing impact. It would allow us to keep using the keys generated in Zimbra and just migrate them to PMG, without having to change DNS entries. In addition, it would be more in line with how bigger E-Mail service providers handle those things. All in all, as you already stated in the Bugzilla entry, it would be nice to have.