unsupported algorithm rsa-sha1
freddieleeman opened this issue · 1 comments
freddieleeman commented
DKIM keeps returning 'invalid' due to 'unsupported algorithm rsa-sha1'. Is there DKIM rsa-sha1 support in the milter or is something else missing?
freddieleeman commented
Never mind, had a closer look at RFC8301 and found:
DKIM supports multiple digital signature algorithms. Two algorithms are defined by this specification at this time: rsa-sha1 and rsa-sha256. Signers MUST sign using rsa-sha256. Verifiers MUST be able to verify using rsa-sha256. rsa-sha1 MUST NOT be used for signing or verifying.
DKIM signatures identified as having been signed with historic algorithms (currently, rsa-sha1) have permanently failed evaluation.