> One should be aware that DKIM keys will used to apply signatures which mostly
> will be used only once - at the time of message delivery - and then never
> again. They don't face the same security requirements regarding long term
> stability like keys material for message encryption.
The signature is only verified once (typically), but that same key is used to
sign every message sent, and you really do need to protect that private key
just like any other private key. If someone got hold of that key, they could
sign Emails using your domain as the sender and they'd look quite legitimate.
All our mail relays have their own keys.
- Bluejay Adametz
Real Time, adj.:
Here and now, as opposed to fake time,
which only occurs there and then.
NOTICE: This message, including any attachments, is only for the use of the
intended recipient(s) and may contain confidential, sensitive and/or privileged
information, or information otherwise prohibited from dissemination or
disclosure by law or regulation, including applicable export regulations. If
the reader of this message is not the intended recipient, you are hereby
notified that any use, disclosure, copying, dissemination or distribution of
this message or any of its attachments is strictly prohibited. If you received
this message in error, please contact the sender immediately by reply email and
destroy this message, including all attachments, and any copies thereof.
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
