Can I implement DKIM on one list server without affecting any other systems in my organization?
I work for a large and complex organization that has not implemented DKIM at a global level. I have no control over the policies at the top level. I would like to secure my department's list server to the greatest degree possible without affecting any other departments. I have complete control over my department's DNS and the list server. What I would like to do is to implement DKIM on the list server which is running postfix. The list server does not send email directly to the internet, it is relayed through the main corporate SMTP servers. I have found multiple posts online describing how to configure DMIK for postfix so that's not an issue. Looks pretty simple.
I've done a lot of reading on how to configure DKIM for a domain but not for a single server. I have to be sure this DKIM implementation does not affect any other departmental services. I haven't been able to find much info on this. Maybe I'm using the wrong search terms.
Yes, you will be able to selectively apply DKIM to only those emails sent via that server without affecting any others. If you are using the same domain to send emails for other departments they simply won't be signed and therefore will be dealt with as they do now, just add the public key and sign on the postfix list server.
You will need to ensure that when the emails are relayed through the gateway servers that they do not alter the DKIM headers otherwise verification could fail downstream and that could well cause deliverability issues.