From 33e2114339219e0947ccb50ffb2b9f00edaa83c1 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Fri, 1 Nov 2019 17:52:10 +0100 Subject: DKIM: clarify policy for dedicated DKIM key material. --- e-post/doman.mdwn | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/e-post/doman.mdwn b/e-post/doman.mdwn index 2a5831b..b7b8543 100644 --- a/e-post/doman.mdwn +++ b/e-post/doman.mdwn @@ -168,8 +168,12 @@ receiver's mail client might emphasize that your messages are signed by Fripost's key and not your own (GMail [surely does](https://support.google.com/mail/answer/1311182), for instance). This doesn't really disclose anything as our domain can be -found in the mail header anyway, but if you prefer to have your own key -drop us a line, we will find something out. +found in the mail header anyway, but feel free to drop us a line if you +prefer to have a dedicated key pair for your domain. +(In that case we'll generate the key material ourselves, and +[*publish*](https://git.fripost.org/fripost-ansible/tree/certs/dkim) its +public part, as well as the signing domain identifier and selector used +in the `DKIM-Signature` header field.) Should I publish a SPF (Sender Policy Framework) record for my domain? ---------------------------------------------------------------------- -- cgit v1.2.3