DNS Policy Record with DKIM?

From: Steve Jenkins <stevejenkins_at_gmail.com>
Date: Tue, 25 Jan 2011 14:03:28 -0800

I was reading up for a new blog post I'm writing about mail signing,
and came across an article that stated:

>DKIM and Domainkeys uses two DNS records and a private key to sign the emails. The DNS records are

>policy record. It is defined as a TXT record :
>_domainkey.domain.tld IN TXT "t=y;o=~"
>t=y means the domain is in test mode. When everything works it can be changed to "n"
>o=~ means that some emails will be signed. "o=-" means that all domains are signed
>selector record. Also a TXT record storing the key and other parameters:
>default._domainkey.domain.tld IN TXT "g=*; k=rsa; p=MIGfMA0...ABC"

I've only been using the Selector Record in my DNS record. Is the
policy record required/recommended with DKIM? Or is that a throwback
from DomainKeys?


Received on Tue Jan 25 2011 - 22:03:41 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:15 PST