She opened the file. It was a cathedral of text—thousands of lines of directives, domain keys, DKIM selectors, and IP pools. It looked less like a config file and more like a spell book written by a paranoid genius.
The most delicate surgery was the DKIM signing. Without it, their emails were anonymous, unsigned letters. She generated new 2048-bit keys, linked them to the DNS records, and told PMTA:
<bounce-domain *> bounces@bounces.yourdomain.com </bounce-domain>
The CEO, a man who believed “the cloud” was a literal weather phenomenon, had demanded answers. Their marketing campaign—ten thousand personalized offers for luxury cat trees—was stuck in a digital traffic jam. Every major email provider had flagged Artemis as a potential spammer.
<source 192.168.1.10/28> allow-mail-from *@yourdomain.com require-auth yes max-message-size 10M max-recipients 100 </source>
“It’s the reputation,” said Vera, the senior sysadmin, staring at the blinking cursor. Her coffee had gone cold hours ago. “We’re not just a server anymore. We’re a suspect.”
The final step was the outbound access rules. She built a firewall in code:
<domain yourdomain.com> dkim-sign yes dkim-signature dkim._domainkey.yourdomain.com </domain>
