I have two WordPress sites on a droplet.
The signed by is correct, which is signed by domain2.com.
I guess that’s the reason why it gets into spam folder? Because it’s mailed by other domain.
I have Postfix and OpenDKIM on the droplet.