Running postfix on CentOS 6 as an edge relay for a while now, so all our outgoing mail is routed through one point with opendkim signing the mail. This works great. I was originally using dkim-filter/dkim-milter (I believe) but switched to opendkim a couple of years back.
But one thing I've been meaning to get around to for a long time is getting the DomainKey-Signature header added in addition to the DKIM-Signature. I realise that DomainKeys is the older spec and is technically replaced by DKIM but I think there's still a reasonable number of systems that verify both (e.g.: Gmail).
Would this involve multiple milters, one for DKIM and another for the older DomainKeys?
I'm not too happy about the idea of having to maintain 2 sets of configurations and signing tables etc, as I have to add/remove relay domains reasonably frequently.
Anyone know if it's possible to add both signatures within opendkim?
The DomainKeys standard was never implemented, at least not through RFC. RFC 4870 even states at the very top:
It was obsoleted by RFC 4871 and both RFCs are dated May 2007.