> > In other research, I found the following: > > - DKIM is a merger of Yahoo's Domain Keys and Cisco's IIM (Identified > Internet Mail).
BTW, Yahoo! does NOT fully support domainkeys (see yahoogroups, for example) > - DKIM is widely considered to be Domain Keys' successor. > - DKIM is the subject of a new IETF Working Group intending to make it an > IETF standard. Yep, in the DKIM-IETF-WG they (we) are working hard for stablish and standard about domainkeys. The current debate is about the need (or don't) of a new DNS RR. IMHO there must be a new type of DNS resource record, just like SRV, for avoiding the "squatting" of TXT records (like flagrantly SPF, and in less measure domainkeys, do). TXT records are not conceived for that. > - DKIM is available as a Spamassassin plugin: "Mail::DKIM (from CPAN) > If this module is installed, and you enable the DKIM plugin, > SpamAssassin will perform Domain Keys Identified Mail lookups when > DKIM information is present in the message headers." > <http://search.cpan.org/src/DOS/Mail-SpamAssassin-3.1.6/INSTALL> This plugin is for check DKIM within spamassassin, not for signing or creating headers. > It seems worth exploring further as an addition to the Qmail Toaster. Some > questions I would like to answer first: > > - Does "upward compatible" mean that if we use DKIM we will automatically > be validated by Domain Keys servers? DKIM should be compatible with domainkeys entries, but the other implications needs not to be true. DKIM and domainkeys use different headers and may be different ways of retrieving public keys (in DKIM WG we/they are talking about different methods of deploying keys) > - Can we completely replace QT's Domain Keys implementation with DKIM? AFAIK, there's not any full implementation of DKIM over qmail, so that would depend on the future implementation. > - Would it then be redundant to run Spamassassin's Mail::DomainKeys and > Mail::DKIM plug-ins simultaneously? Nope, again, AFAIK, they use different headers > - If the QT implementation of DKIM differs greatly from Domain Keys (key > generation scripts, file locations, etc) what is the migration path for > users who currently use QT with Domain Keys? > - Should I start using Domain Keys for my domains, or wait and use DKIM? > It shouldn't be too much different, but as stated above, depends on the implementation (there's no full qmail DKIM implementation (is fine, there's no standard yet)) > Quinn --------------------------------------------------------------------- QmailToaster hosted by: VR Hosted <http://www.vr.org> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
