Add 4096 length DKIM keys?

[Sonixax]

Hi Everyone,
Just wondering is there any way to add my own DKIM Private/Public key to exim server in Cpane/WHM without have been worrying about losing data with next update?
Currently Cpanel/WHM Generate its own DKIM with Default key! its ok but I want to use 4096 length for my keys! cause at the moment everything with my DKIM is ok but DKIM Authentication, MXtoolbox just shown me something like this: DKIM-Signature Not Verified!



maybe using external services like unlockinbox can help! Don't know
Thanks a lot and have a lovley day

 

[cPanelLauren]

Hello @Sonixax


MxToolbox is reporting a false positive on DKIM signatures, whether or not that's related to the key being 2048 or not I'm unaware. Other services like www.mail-tester.com report the same key as being valid.

Further to that as of right now I believe the largest supported key size is 2048. This is discussed in https://www.ietf.org/rfc/rfc4871.txt

Factors that should influence the key size choice include the
following:

o The practical constraint that large (e.g., 4096 bit) keys may not
fit within a 512-byte DNS UDP response packet

o The security constraint that keys smaller than 1024 bits are
subject to off-line attacks

o Larger keys impose higher CPU costs to verify and sign email