Zimbra 8.7.11 by default generates DKIM 2048. The generated key is very long. So it turns out that some hosting providers can not resolve a long (more than 255 letters) TXT record as specified in rfc4408 https://tools.ietf.org/html/rfc4408#section-3.1.3 (for example my provider mittwald.de). So I'm forced to use a shorter key.
Here at the forum experts say (viewtopic.php?f=15&t=60548&p=277140&hilit=DKIM#p276919) that the editing script file zmdkimkeyutil is not the best idea.
Is there an official way to generate a 1024 bit key?
[SOLVED] The official way to generate DKIM 1024. Is there a solution?
-
jorgedlcruz
- Zimbra Alumni
- Posts: 2782
- Joined: Thu May 22, 2014 4:47 pm
Re: The official way to generate DKIM 1024. Is there a solution?
Hello,
I'm sure your provider does support 2048-bit, just contact them and send them the next: If not, you are correct, by editing the script itself and generating 1024, which aren't very secure anymore.
Best regards
I'm sure your provider does support 2048-bit, just contact them and send them the next: If not, you are correct, by editing the script itself and generating 1024, which aren't very secure anymore.
Best regards
Re: The official way to generate DKIM 1024. Is there a solution?
Unfortunately, no, they can not. Below is their response:
"Our DNS servers can currently handle a maximum of 256 characters.
Unfortunately we can not add longer entries manually."
Ok, thank's for response! So then I'll edit zmdkimkeyutil.
"Our DNS servers can currently handle a maximum of 256 characters.
Unfortunately we can not add longer entries manually."
Ok, thank's for response! So then I'll edit zmdkimkeyutil.