Resolved No DKIM 2048 (DKIM 1024Bit is marked as deprecated)

[jan1001]

I post this as a Bug.
For German public authorities and government DKIM 1024Bit is marked as deprecated. (My business customers can not contact public authorities or government, because the mails gets rejected.)

 

[Maarten]

I ran into the same issue last year with a Dutch bank that wouldn't accept emails because of this. Plesk needs to fix this ASAP.

You already found the UserVoice for this important feature request, but I'll post the link here so others can also vote on this feature request:

Feature Suggestions – Your Ideas for Plesk

 

[AYamshanov]

Hi everyone,

I am collecting necessary information and I am trying to find any documents (from governments, banks, mail providers, etc) that state something like "we consider DKIM 1024 bit as deprecated", "emails signed by 1024 bits will be marked as a spam", "only DKIM with 2048 bit keys will be passed through spam filters". If you have links or documents that say so, could you please share them (in any languages)?

Currently, I have found RFC that states additional method for signing but nothing about deprecating previous ones. Recommendation about switching to 2048 but nothing about ignoring 1024. As I said, any information would be helpful. Thank you!

 

[AYamshanov]

With Plesk Obsidian 18.0.55 release and for new websites, a new default DKIM length is used, now it is 2048 bits.

• To ensure better protection of emails from unauthorized changes and impersonation, we added support for 2048-bit DKIM keys. Starting from Plesk Obsidian 18.0.55, such keys will be used for all new Plesk installations by default.
  • To enable the feature on existing domains, follow the steps described in the KB article.
  • To switch back to 1024-bit DKIM keys, as a Plesk administrator, add the following lines to the panel.ini file:
    

    [mail]
    dkimKeySize = 1024