Multiple DKIM signing keys per domain

mailcow / mailcow-dockerized

mailcow: dockerized - 🐮 + 🐋 = 💕

https://mailcow.email

GNU General Public License v3.0

8.8k stars 1.17k forks source link

Multiple DKIM signing keys per domain #5637

Closed wege2003 closed 9 months ago

wege2003 commented 9 months ago

Summary

Hi together,

i just want to request the following feature:

My Domain: example.com DKIM Keys: selector1._domainkey selector2._domainkey

Is it possible to create two DKIM keys for one Domain in mailcow. I think with postfix and opendkim should it possible or?

Can someone help me?

Motivation

Reduancy for the DKIM Keys

Additional context

No response

DerLinkman commented 9 months ago

Possible (if we implement it) @dragoangel?

dragoangel commented 9 months ago

What a point just currios? You will always sign with only one key. Usually you just not dropping instantly old key after adding new one. We can add "switch button" to place only actual keys in redis and store them in MySQL db permanently

DerLinkman commented 9 months ago

Yeah you're right. I misread the issue...

dragoangel commented 9 months ago

@wege2003 just to clarify - you can achieve it by adding additional mail domains aka dkim-reductancy-s1.example.com and dkim-reductancy-s2.example.com (with Global Address List turned off) and adding selector1 and selector2 to domains accordingly. Then you can utilize Duplicate DKIM record to override at some point selector1 by coping key from dkim-reductancy-s1.example.com to example.com or if you want change to selector2 - duplicate key from dkim-reductancy-s2.example.com to example.com.

Sounds hacky? Yep, but doing what you need and without any change or harm to system.