blob: 7c564aeb6e05d5a492d3dfabb88e7d5df5fce88a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
So anyone receiving an e-mail from `fripost.org`'s outgoing SMTP server
(possibly indirectly) can decide whether it's legit or tampered with.
The DKIM public key should be added to `fripost.org`'s DNS zone as a TXT
record, as follows:
20140112._domainkey.fripost.org. 86400 IN TXT "v=DKIM1\; k=rsa\; p=…"
Having one sub-domain (here `20140112`, the date where the key was
generated) is what Google does; that's a clever way to allow multiple
keys, which is useful for a smooth transition to a stronger key for
instance.
See RFCs [6376](https://tools.ietf.org/html/rfc6376) and
[7001](https://tools.ietf.org/html/rfc7001) for references. The
[Wikipedia page](https://en.wikipedia.org/wiki/Dkim) might be another
good read.
|
