Change default key length for DKIM

LoadFactor

Well-Known Member
Jul 12, 2013
89
18
133
cPanel Access Level
Root Administrator
The default cypher for cPanel's DKIM on my servers is k=rsa; which is a 512 bit key.

Google is listing this as a DKIM fail with
dkim=policy (weak key)
Is there any way to change the default key length so that all generated keys are 2048?
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
16,570
2,612
363
cPanel Access Level
Root Administrator

LoadFactor

Well-Known Member
Jul 12, 2013
89
18
133
cPanel Access Level
Root Administrator
The DKIM.pm file was not altered. As it turns out, my sample was all on some very old accounts and the keys were ancient!

Second question: is there a way to regenerate keys for all accounts in one go?
 

akhand

Member
Apr 8, 2022
7
1
3
india
cPanel Access Level
Root Administrator
Hey there! That's odd to me as cPanel keys have been at least 1024 with the 2048 option since version 11.50:


Can you check the files mentioned here to see if they have been adjusted on your machine? https://support.cpanel.net/hc/en-us...can-I-generate-a-1024-bit-DKIM-key-in-cPanel-
Hey Sir I want To Want How To Setup PTR In 2022 And Also I did not Find Edit Dns In New Update Help Me Plss Sir
 

quietFinn

Well-Known Member
Feb 4, 2006
2,040
551
493
Finland
cPanel Access Level
Root Administrator
@akhand
if you want to ask a question open a new thread instead of hijacking threads that have nothing to do with your question.
 

LoadFactor

Well-Known Member
Jul 12, 2013
89
18
133
cPanel Access Level
Root Administrator
i am the owner of server and also i did not to start Cpanel thread and also this problem come after Cpanel update
The title of this thread is "Change default key length for DKIM" and has nothing to do with PTR, yet here you are, asking a PTR question. The way the forum is set up can be a little confusing. Create a new question by typing a title after the "new thread" button.

Even if you own the server, the PTR is set by your provider. Most data centers have a place where you can do this, somewhere in the area where you list IP addresses. For example on OVH the screen looks like this:
 

Attachments

  • Like
Reactions: cPRex and quietFinn

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
16,570
2,612
363
cPanel Access Level
Root Administrator
@LoadFactor - I don't have an easy automated way to do that all at once. The closest thing I would have would be the API tools, which would let you remove all the keys and then add them:

 
  • Like
Reactions: LoadFactor