Loopia's maximum length for TXT records is 255 chars.

So unfortunately we can't fit a 2048-bits RSA key.

3 files changed, 3 insertions, 3 deletions

diff --git a/roles/amavis/handlers/main.yml b/roles/amavis/handlers/main.yml
index 1abc299..ab974e6 100644
--- a/roles/amavis/handlers/main.yml
+++ b/roles/amavis/handlers/main.yml
@@ -3,7 +3,7 @@
   service: name=clamav-daemon state=restarted
 
 - name: Publish the public key to the DNS zone
-  # See the output of 'sudo genkeypair.sh dkim --privkey=/var/lib/dkim/outgoing.fripost.org.key'
+  # See the output of 'genkeypair.sh dkim --privkey=/path/to/key'
   fail: "msg={{ dkim.stdout }}"
 
 - name: Restart Amavis
diff --git a/roles/amavis/tasks/main.yml b/roles/amavis/tasks/main.yml
index 00e8c40..6965c07 100644
--- a/roles/amavis/tasks/main.yml
+++ b/roles/amavis/tasks/main.yml
@@ -37,7 +37,7 @@
         mode=0755
 
 - name: Generate a private key for DKIM signing
-  command: genkeypair.sh dkim --privkey=/var/lib/dkim/outgoing.fripost.org.key --dns=outgoing -t rsa -b 2048
+  command: genkeypair.sh dkim --privkey=/var/lib/dkim/20140703.fripost.org.key -t rsa -b 1024
   register: dkim
   changed_when: dkim.rc == 0
   failed_when: dkim.rc > 1
diff --git a/roles/amavis/templates/etc/amavis/conf.d/50-user.j2 b/roles/amavis/templates/etc/amavis/conf.d/50-user.j2
index adafd7f..84814ca 100644
--- a/roles/amavis/templates/etc/amavis/conf.d/50-user.j2
+++ b/roles/amavis/templates/etc/amavis/conf.d/50-user.j2
@@ -31,7 +31,7 @@ undef $enable_dkim_signing;
 $enable_dkim_signing = 1;
 # Sign *all* outgoing mails with *our* key (yes, amavis complains, but this is
 # safe as we force our domain with the 'd' tag).
-dkim_key(qr'^', 'outgoing', '/var/lib/dkim/outgoing.'.$mydomain.'.key');
+dkim_key(qr'^', '20140703', '/var/lib/dkim/20140703.'.$mydomain.'.key');
 @dkim_signature_options_bysender_maps = (
     { '.' => { d => $mydomain
              , a => 'rsa-sha256'