Hi, There's been a lot of discussion in various forums recently about mail authentication for @debian.org addresses. As an initial step in that direction, I'm pleased to announce that the db.debian.org mail gateway now allows DDs to configure DKIM keys [http://www.dkim.org/] for their account, using the "dkimPubKey" command. The command format to use to set keys is: dkimPubKey: <selectorname> <base64-encoded key> where the selector name must end with ".your_uid.user" As an example, to configure a key for the DKIM selector "debian1.adsb.user", I might send: dkimPubKey: debian1.adsb.user MIIBIjANBgkqhkiG9w0BAQ... to change@db.debian.org. This will result in a TXT record for debian1.adsb.user._domainkey.debian.org. (i.e. a selector of "debian1.adsb.user") Multiple selectors can be added for a user by sending multiple "dkimPubKey" commands. Similarly to the existing SSH key functionality, any existing keys will be removed when adding new ones, so all required keys must be provided in the same mail. Some related resources which might be useful for configuring DKIM signing using popular MTAs: - https://exim.org/exim-html-current/doc/html/spec_html/ch-dkim_spf_and_dmarc.html#SECDKIMSIGN - https://debian-administration.org/article/718/DKIM-signing_outgoing_mail_with_exim4 - http://opendkim.org/opendkim-README As ever, please let us know if you have any comments on or issues with the new functionality. Regards, Adam for DSA
Attachment:
signature.asc
Description: This is a digitally signed message part