Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DKIM selector monitoring limitations #336

Open
mbainter opened this issue Jan 17, 2024 · 0 comments
Open

DKIM selector monitoring limitations #336

mbainter opened this issue Jan 17, 2024 · 0 comments

Comments

@mbainter
Copy link

The current DKIM check in the email security policy allows you to set a property with a list of DKIM selectors. This is a good initial version, and should provide adequate support for simple setups.

However, a lot of organizations have multiple sending domains, with varying DKIM keys, and in some organizations, those keys are identified by the date they were created for ease of tracking, rotation, etc. This could potentially result in overlapping selectors across multiple domains.

That means, if say, I want to ensure that we only have a particular DKIM selector for domain X.domain.com, and not Y.domain.com I can't assert that in my policy without having them in separate spaces (or, of course, writing my own custom policy.) If I remove a key, I might also be removing a selector from monitoring that's still being used.

I would propose making this a map (if properties support those) of domains => [valid selectors].
@mbainter mbainter changed the title DKIM monitoring limitations DKIM selector monitoring limitations Jan 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mbainter