Closed rocketapi closed 9 years ago
John,
Where in the Haraka documentation could we have noted the 2048 key size that you would have noticed?
Matt
Matt,
Anywhere on: http://haraka.github.io/manual/plugins/dkim_sign.html
I think the most important thing to mention is that the default is 2048, and there could be DNS providers who do not support key sizes that large.
John
On Mon, Jul 28, 2014 at 10:10 PM, Matt Simerson notifications@github.com wrote:
John,
Where in the Haraka documentation could we have noted the 2048 key size that you would have noticed?
Matt
— Reply to this email directly or view it on GitHub https://github.com/baudehlo/Haraka/issues/631#issuecomment-50429870.
John Wamer
Founder CoachYouths www.coachyouths.com john.wamer@wamersports.com http://www.twitter.com/CoachYouths
This is more of a heads up than an issue. After a very late night of fighting with my DNS I determined that my provider is not supporting dkim signing with 2048 rsa keys.
I was only able to determine this as I had previously used 1024 keys on the same provider with no issue. It was late and I did not catch the included dkim keygen packaged with haraka is set at 2048 by default (which I think is correct by the way), switched back to 1024 keys and I was able to get my dns to work properly.
The provider in question is DurableDNS (durabledns.com). While this issue was frustrating they have been very reliable over the last 4 years.
Again I think 2048 by default is the way to go, but did want to mention this in case other providers have the same undocumented limitation, maybe save some else a few gray hairs.
Thanks for the great mail server!!
John