Skynet/misc_nixos-mailserver
6
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'dkim-rsa2048' into 'master'

Browse source 
Increase default DKIM key bits to 2048

Closes #333

See merge request simple-nixos-mailserver/nixos-mailserver!442
This commit is contained in:
Martin Weinelt 2025-08-22 20:42:21 +00:00
commit 958c112fba
2 changed files with 8 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
default.nix
View file

@ -976,9 +976,9 @@ in
dkimKeyBits = mkOption {
type = types.int;
default = 1024;
default = 2048;
description = ''
How many bits in generated DKIM keys. RFC6376 advises minimum 1024-bit keys.
How many bits in generated DKIM keys. RFC8301 suggests a minimum RSA key length of 2048 bit.
If you have already deployed a key with a different number of bits than specified
here, then you should use a different selector ({option}`mailserver.dkimSelector`). In order to get