I was looking at this article How to use DKIM with Ed25519 - Mailhardener
knowledge base
<
https://www.mailhardener.com/kb/how-to-use-dkim-with-ed25519>.
In the section where it discusses the "Transition period considerations" it
says, and I quote:
""
As with any new standard in email, it is expected that it will take some
time before Ed25519 validation
is a common feature in email validators (the receiving services). As such,
it is not recommended to
exclusively rely on Ed25519 for DKIM.
The signer (sending email service) should use a dual DKIM signature
approach where the email is
signed with both an Ed25519 signature, as well as an RSA signature for
backward compatibility.
This means that 2 DKIM DNS records must be created. One containing the
Ed25519 key, and one
with a fall-back RSA type key. The two DKIM DNS records must use a
different selector, as DKIM
does not allow multiple DKIM records to exist with the same selector.
""
Is anyone already doing this with Exim?
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v '^$|^.*#' :-)
