Educause Security Discussion mailing list archives

Re: Ironport DKIM

From: Scott Beardsley <scott () CSE UCDAVIS EDU>
Date: Thu, 1 Apr 2010 10:13:45 -0700

Hi, anyone who is running Ironport has implemented DKIM or plan to do
so? seems attractive.


We don't use Ironport but...

We have DKIM (with DNSSEC) running on our mail server (check the
headers!). Once you understand all that is involved it is pretty easy to
get going. You should consider adding DNSSEC support to your domain also
to complete the circle (I'm not sure of the status of the CA. TLD but
EDU will be signed Real Soon Now). I just tested your DNS servers and it
looks like all of them support IP fragmentation (both tcp and udp
fragmentation are required for DNSSEC to work) *except* bay.cs.utoronto.CA.

A colleague and I just presented these topics to the TIF-I[1] technology
guiding group here at UC Davis. You can view it here[2]. The target is
UCD specifically but you can get a quick overview of the technologies.

Scott
---------
[1]
http://tif-infrastructure.ucdavis.edu/minutes/march-2010/minutes-march-19-2010/
[2] http://docs.google.com/present/view?id=dd2p8qg_8fsvgg9vc

Current thread:

Ironport DKIM song (Apr 01)
- <Possible follow-ups>
- Re: Ironport DKIM Scott Beardsley (Apr 01)
- Re: Ironport DKIM Dexter Caldwell (Apr 01)
- Re: Ironport DKIM Georgia Killcrece (Apr 01)
- Re: Ironport DKIM Valdis Kletnieks (Apr 01)
- Re: Ironport DKIM Scott Beardsley (Apr 01)
- Re: Ironport DKIM Jesse Thompson (Apr 01)
- Re: Ironport DKIM Scott Beardsley (Apr 01)
- Re: Ironport DKIM Walter Petruska (Apr 02)