RE: General OpenDKIM setup questions
> -----Original Message-----
> From: Quanah Gibson-Mount [mailto:quanah_at_zimbra.com]
> Sent: Thursday, May 03, 2012 1:15 PM
> To: Murray S. Kucherawy; opendkim-users_at_lists.opendkim.org
> Subject: RE: General OpenDKIM setup questions
>
> Ok. What happens on the verification side if email X is sent out at
> 10:01:01, signed by "quanah2011", then the keys are updated at 10:01:02
> to "quanah2012", and the mail doesn't get verified on the receiving end
> (some remote domain with slow transports say. :P ) until 10:02:05 or
> something?
> Will verification still succeed?
Verification succeeds if the key is still in the DNS. So when you rotate a new key in, you should allow some overlap before removing the older key from the DNS.
-MSK
Received on Thu May 03 2012 - 20:16:08 PST
This archive was generated by hypermail 2.3.0
: Mon Oct 29 2012 - 23:20:40 PST