キャンセル
次の結果を表示 
次の代わりに検索 
もしかして: 
cancel
383
閲覧回数
1
いいね!
2
返信

DKIM Behavior on non signed Mails when DKIM Key publication in DNS

mailsecurity
Level 1
Level 1

Hi - we want to set up DKIM for outgoing mail traffic step by step.

We have created a DKIM Key and integrated it on the ESA (Signing Profiles, Signing Keys..)
DKIM Signing is not yet enabled on Mail FLoy Policy for outgoing Mails.
Next we plan to publish the DKIM PUB Key in Internet DNS.

Question - As long as we do not sign outbound on the ESA DKIM yet:
Does publishing DKIM key have consequences on non-signed mail?
We have no experience how remote MTA's handle Mails when

  • DKIM icomming check is enabled (Receiver)
  • DKIM key is published (by us)
  • Sending mail is not signed (by us or 3rd Party Service)

Thanks for experience!!!!

2件の返信2

The recipient system won't go looking for your DKIM records until you start signing mail.

For new DNS entries, generally you just need to give your DNS provider enough time to replicate your new record before you start signing. This is probably just a few minutes at most.

As a rule of thumb, you can publish your DKIM records, and then use Dig, or nslookup pointed at Google (8.8.8.8)or Cloudflare (1.1.1.1) to lookup your record. As soon as they return it, you can start signing mail.

mailsecurity
Level 1
Level 1

THX Ken!!