Verifying a DKIM TXT Record and Key Length

After reading the Wired story last week about Zachary Harris discovering a widespread vulnerability related to the use of weak cryptographic DKIM keys (less than 1024 bits) by companies like Google, eBay, Yahoo, Twitter and PayPal, and the subsequent CERT warning (VU#268267), I decided to write a quick tool to check DKIM TXT records and determine their key length:

This tool grabs your DKIM DNS TXT record and uses OpenSSL to parse the contained public key to determine its key length.

DigitalOcean provides cloud products for every stage of your journey. Get started with $200 in free credit!

Checking your DKIM DNS record

Looking to validate a DKIM key? I’ve created an online tool to check and verify DKIM TXT records, and to determine their public key length.

What is DKIM?

DomainKeys Identified Mail (DKIM) is a method for email authentication designed to detect sender address forgery (spoofing) in email, which is often used in spam and phishing emails.

Continue reading Checking your DKIM DNS record