Difference between revisions of "DKIM"
Jump to navigation
Jump to search
(adds Dave Johnson's key checker) |
(drafting) |
||
(4 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | |||
− | |||
− | |||
== Email authentication == | == Email authentication == | ||
Line 11: | Line 8: | ||
{{highlight| | {{highlight| | ||
|text=Messages with DKIM signatures use a key to sign messages. Messages signed with short keys can be easily spoofed (see http://www.kb.cert.org/vuls/id/268267), so a message signed with a short key is no longer an indication that the message is properly authenticated. To best protect our users, Gmail will begin treating emails signed with less than 1024-bit keys as unsigned, starting in January 2013. We highly recommend that all senders using short keys switch to RSA keys that are at least 1024-bits long.<ref>https://support.google.com/mail/answer/180707?authuser=2</ref>}} | |text=Messages with DKIM signatures use a key to sign messages. Messages signed with short keys can be easily spoofed (see http://www.kb.cert.org/vuls/id/268267), so a message signed with a short key is no longer an indication that the message is properly authenticated. To best protect our users, Gmail will begin treating emails signed with less than 1024-bit keys as unsigned, starting in January 2013. We highly recommend that all senders using short keys switch to RSA keys that are at least 1024-bits long.<ref>https://support.google.com/mail/answer/180707?authuser=2</ref>}} | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− |
Revision as of 15:00, 14 February 2016
Email authentication[edit | edit source]
- If a message was correctly DKIM signed, a 'signed-by' header with the sending domain will appear.
- If a message was SPF authenticated, a 'mailed-by' header with the domain name will appear.
- If no authentication information exists, there will be no signed-by or mailed-by headers.
If you're a sending domain[edit | edit source]