How is everyone handling senders that sign their emails with RSA-SHA1 DKIM keys?
I'm a bit surprised to see eBay and Match.com sending out messages using SHA-1. I'm seeing a lot of signatures coming in that use SHA-1 but most of the domains are questionable at best. But eBay and Match.com caught my eye as being larger companies that I would expect to know better. To be clear, eBay is sending out some messages with SHA-256 hash, but they are also sending out some with a SHA-1 hash. It appears to be the dkim1k selector that is SHA-1. The Match.com (d=connect.match.com) is using the 102022s2048 selector with SHA-1. Just wondering what everyone else is doing with these? I thought SHA-1 was deprecated a long time ago.
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
