record DKIM on IONOS makes sense?
it is IONOS who signs those emails, right?
It would be, if they signed them. But they don't. (But they should.)
Here are some excerpts of a conversation I had less than 10 minutes ago with their support team (emphasis added):
IONOS
: Hello there. I understand that you want to add a DKIM. Unfortunately we don't have a DKIM record in IONOS. You can instead a Dmarc record and SPF record to authenticate your emails.
Me
: Er, to clarify- are you saying that IONOS e-mail hosting does not use or support DKIM authentication of outbound mail?
IONOS
: Yes. That is correct. We do not have a DKIM record. But you can use an SPF record . SPF record is enough to authenticate your emails
Me
: Do you know when/if IONOS will add DKIM to outbound e-mails?
IONOS
: I'm not sure if they will integrate a DKIM in our current mailing system. And also it make time some time for that to happen.
But rest assured I will forward your concern to our administrators, product engineers / system engineers.
'Tis the wild west over there. Not a cryptographic signature in sight. Set your DMARC to SPF-only until you can shell out for a 21st-century mail host.