What is the common procedure for rotating DKIM keys? [closed]
https://stackoverflow.com/questions/13076885
-
14-07-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am looking for roughly how to generate new DKIM keys without effecting existing mail. It sounds like the only concern is mail in transit. Is there a common procedure for doing this?
Solution
You would generate a new key pair. Publish it in a new new selector._domainkey.example.com. Wait for the new selector to propagate in DNS. Update your e-mail system to use the new selector. After a week or so, remove the old selector DNS record.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
