Educause Security Discussion mailing list archives
Re: Ironport DKIM
From: Scott Beardsley <scott () CSE UCDAVIS EDU>
Date: Thu, 1 Apr 2010 10:13:45 -0700
Hi, anyone who is running Ironport has implemented DKIM or plan to do so? seems attractive.
We don't use Ironport but... We have DKIM (with DNSSEC) running on our mail server (check the headers!). Once you understand all that is involved it is pretty easy to get going. You should consider adding DNSSEC support to your domain also to complete the circle (I'm not sure of the status of the CA. TLD but EDU will be signed Real Soon Now). I just tested your DNS servers and it looks like all of them support IP fragmentation (both tcp and udp fragmentation are required for DNSSEC to work) *except* bay.cs.utoronto.CA. A colleague and I just presented these topics to the TIF-I[1] technology guiding group here at UC Davis. You can view it here[2]. The target is UCD specifically but you can get a quick overview of the technologies. Scott --------- [1] http://tif-infrastructure.ucdavis.edu/minutes/march-2010/minutes-march-19-2010/ [2] http://docs.google.com/present/view?id=dd2p8qg_8fsvgg9vc
Current thread:
- Ironport DKIM song (Apr 01)
- <Possible follow-ups>
- Re: Ironport DKIM Scott Beardsley (Apr 01)
- Re: Ironport DKIM Dexter Caldwell (Apr 01)
- Re: Ironport DKIM Georgia Killcrece (Apr 01)
- Re: Ironport DKIM Valdis Kletnieks (Apr 01)
- Re: Ironport DKIM Scott Beardsley (Apr 01)
- Re: Ironport DKIM Jesse Thompson (Apr 01)
- Re: Ironport DKIM Scott Beardsley (Apr 01)
- Re: Ironport DKIM Walter Petruska (Apr 02)