Amavis - DKIM sign 256 or 1024 bits?
Jernej Porenta
jernej.porenta at arnes.si
Wed Nov 7 09:50:33 CET 2012
Just for info:
This morning MAAWG published recommendations on keeping DKIM keys secure:
http://www.maawg.org/sites/maawg/files/news/M3AAWG_Key_Implementation_BP-2012-11.pdf
cheers, Jernej
On Nov 5, 2012, at 3:38 PM, Patrick Ben Koetter <p at sys4.de> wrote:
> * gedir.goncalves at bndes.gov.br <gedir.goncalves at bndes.gov.br>:
>> Hi, good morning.
>>
>> I would like to take a doubt with colleagues from the list.
>>
>> I installed and I enabled Amavis 2.6.6 in environmet of the test, I
>> created DKIM Key 1024 bit and sign is working properly. But I have a
>> doubts, when I see the message header I see that the signature is recorded
>> 256.
>
> amavis creates 1024 bit size keys be default. You can override that and use
> less that 512, but no less or up to 4096, but not more:
>
> $nbits = 1024 if !defined($nbits) || $nbits eq '';
> $nbits =~ /^\d+\z/ or die "Number of bits in a key must be numeric\n";
> $nbits >= 512 or die "Number of bits too small (suggested 768..1536)\n";
> $nbits <= 4096 or die "Number of bits too large (suggested 768..1536)\n";
> defined $fname && $fname ne '' or die "File name for a key not provided\n";
>
>
> p at rick
>
> --
> [*] sys4 AG
>
> http://sys4.de, +49 (89) 30 90 46 64
> Franziskanerstraße 15, 81669 München
>
> Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
> Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
> Aufsichtsratsvorsitzender: Joerg Heidrich
>
More information about the amavis-users
mailing list