It's also standard practice to use self-signed certs with mail DKIM. Mail as a protocol has, for the most part, tried to stay true to it's federated roots and most things can be implemented without dependencies on third party corporations.
I avoided DKIM till 2018 when google started accepting my mail but silently sending it to the spam folder; so I wouldn't even get a reject message. I thought it'd be to onerous to implement but rspamd's dkim signing feature made it easy to use with my locally generated self-signed certs (and postfix).
I avoided DKIM till 2018 when google started accepting my mail but silently sending it to the spam folder; so I wouldn't even get a reject message. I thought it'd be to onerous to implement but rspamd's dkim signing feature made it easy to use with my locally generated self-signed certs (and postfix).