Page 1 of 1

[SOLVED] The official way to generate DKIM 1024. Is there a solution?

Posted: Thu Feb 01, 2018 10:25 am
by Toru
Zimbra 8.7.11 by default generates DKIM 2048. The generated key is very long. So it turns out that some hosting providers can not resolve a long (more than 255 letters) TXT record as specified in rfc4408 https://tools.ietf.org/html/rfc4408#section-3.1.3 (for example my provider mittwald.de). So I'm forced to use a shorter key.

Here at the forum experts say (viewtopic.php?f=15&t=60548&p=277140&hilit=DKIM#p276919) that the editing script file zmdkimkeyutil is not the best idea.

Is there an official way to generate a 1024 bit key?

Re: The official way to generate DKIM 1024. Is there a solution?

Posted: Thu Feb 01, 2018 10:35 am
by jorgedlcruz
Hello,
I'm sure your provider does support 2048-bit, just contact them and send them the next:

If not, you are correct, by editing the script itself and generating 1024, which aren't very secure anymore.

Best regards

Re: The official way to generate DKIM 1024. Is there a solution?

Posted: Thu Feb 01, 2018 11:08 am
by Toru
Unfortunately, no, they can not. Below is their response:

"Our DNS servers can currently handle a maximum of 256 characters.
Unfortunately we can not add longer entries manually."

Ok, thank's for response! So then I'll edit zmdkimkeyutil.