Yahoo Domain Keys setup, getting dkim=permerror (no key)

I'm working on getting DKIM installed on my outgoing mail server, to help my email deliverability to my Yahoo clients (all legit emails, etc, no spamming).

I've got DKIM-Signature: and DomainKey-Signature: headers being generated, but a test mailer to my Yahoo account had this line in the headers:

Authentication-Results: mta250.mail.re2.yahoo.com from=example.com; domainkeys=permerror (no key); from=example.com; dkim=permerror (no key)

Any ideas what I may have missed?

my primary use for spf is delivering email to gmail.com. is there an alternative? does gmail support dkim?

yes gmail supports dkim

so basically DKIM can be seen as a non-bad replacement for spf?

Yes something like that.

Certain big ESPs (like Hotmail) still use SPF and not DKIM, so I wouldn't suggest removing it.

You need to support SPF, DKIM and DomainKeys they are all really needed. Google/Hotmail use DKIM, Yahoo uses DomainKeys and many others use SPF. There is no reason not to use all three.

@Dan you should really read the link in my answer. homepages.tesco.net/J.deBoynePollard/FGA/…

I've had to remove the link from this post as it has gone dead. This is why we ask people to include the relevant parts of their links in the post body.

@cstamas: that article you refer to is severely outdated, written when there was still some debate about whether or not to use SPF. None of the reasons given by Mr. Pollard have stood the test of time, and SPF is a perfectly valid tool advocated by the majority of major email systems.

@Mixologic with all due respect I disagree with that.