I followed this guide
to set up domain keys with postfix and it worked perfectly.
But once I implemented MailScanner, Yahoo and Gmail complained about my emails having an invalid domain key signatures because (I think) my outgoing emails are being signed BEFORE they pass through MailScanner. Since MailScanner adds things to the email header after it was signed, it invalidates the certificate signature.
Anyone know how I can set dk-milter to sign emails AFTER it passes through MailScanner, not before?