DKIM_SIGN
Platforms
All
Abstract
Specifies DKIM (DomainKeys Identified Mail) domains for which you are able and willing to sign. SEE DETAILS.
Example
z/VM: |
DKIM_SIGN = 'EXAMPLE.COM *.EXAMPLE.COM EXAMPLE.CA(CA) *.EXAMPLE.CA(CA)' |
Unix: |
DKIM_SIGN="EXAMPLE.COM *.EXAMPLE.COM EXAMPLE.CA(CA) *.EXAMPLE.CA(CA)" export DKIM_SIGN |
Windows: |
DKIM_SIGN=EXAMPLE.COM *.EXAMPLE.COM EXAMPLE.CA(CA) *.EXAMPLE.CA(CA) |
Details
LISTSERV previously supported Yahoo!'s DomainKeys email authentication system. DomainKeys is now deprecated in favor of DKIM (DomainKeys Identified Mail) (see http://www.dkim.org/ for details). L-Soft began supporting DKIM in the version 16.0-2017a "level set" release in February, 2017. The switch is a transparent change for pre-16.0-2017a LISTSERV sites that were already running with DomainKeys enabled.
Important: Sites that have used the LISTSERV DomainKeys feature since it was originally released should take an opportunity to review their key pair, as key lengths which were sufficient for DomainKeys may be too short for DKIM. Per RFC 6376 "DomainKeys Identified Mail (DKIM) Signatures", Section 3.3.3, "Signers MUST use RSA keys of at least 1024 bits for long-lived keys", whereas many DomainKeys sites may be using keys of 512 or 768 bits. |
Your LISTSERV Classic or Classic HPO installation must have current maintenance in order to enable this support.
In order to enable DKIM signing, the LISTSERV site administrator must provide private keys in a standard format for each domain LISTSERV is expected to sign for. These keys are placed into text files in LISTSERV's A directory and are specified to LISTSERV using the DKIM_SIGN site configuration variable.
Because DKIM configuration is complicated, L-Soft has created a separate explanatory document called Using LISTSERV with DomainKeys. Please review Using LISTSERV with DomainKeys before enabling this feature.
Default Value
Not set (feature is disabled).
See also
Using LISTSERV with DomainKeys