I’m currently sending all transactional emails from my Ghost install directly, and have got emails coming through with a good reputation and avoiding spam.
However I want to provide an additional layer of security and include DKIM. Is there a way for me to configure Ghost to sign transactional emails with DKIM?
DKIM provides a digital signature in the email that the receiving email server can check. There’s nothing to do in Ghost; you need to configure your domain and outgoing email server.
I use Cloudflare for DNS and Mailgun for transactional (and bulk) email, but the steps are broadly the same for any services. These guides may help you.
If you’re using Postfix, you can add DKIM by installing and configuring OpenDKIM. I did this at one point, and I think I used this guide. (I did eventually decide it was too complicated to send transactional emails that way and now just use Mailgun for everything.)