blob: 00f60624290854ba2fd8ea631454e278283befe4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
So anyone receiving an e-mail from `fripost.org`'s outgoing SMTP server
(possibly indirectly) can decide whether it's legit or tampered with.
The DKIM public key should be added to `fripost.org`'s DNS zone as a TXT
record, as follows:
20140112._domainkey.fripost.org. 86400 IN TXT "v=DKIM1\; k=rsa\; p=…"
Having one sub-domain (here `20140112`, the date where the key was
generated) is what Google does; that's a clever way to allow multiple
keys, which is useful for a smooth transition to a stronger key for
instance.
See RFCs [6376](https://tools.ietf.org/html/rfc6376) and
[7001](https://tools.ietf.org/html/rfc7001) for references. The
[Wikipedia page](https://en.wikipedia.org/wiki/Dkim) might be another
good read.
[[closed]]
|
