Google Doubles Down on Weak DKIM Keys: What You Need to Do Now to be Compliant

In October, Wired reported that a mathematician had successfully cracked Google’s DKIM key and impersonate the Google co-founders by spoofing their email addresses. In response, Google announced they would begin enforcing 1024-bit DKIM keys through phases. Google is currently failing emails sent to Gmail accounts if they are signed with a 512-bit key or less. Now there is evidence that Google is starting to enforce their policy of accepting DKIM keys of 1024-bit or higher.

Email administrators should upgrade now to be in full compliance with Google’s DKIM key strength policy. Our previous recommendations still apply:

1.    Verify you are signing with a 1024-bit DKIM key or higher. Not sure what size of key you’re using?  You can look at the header of Gmail using Return Path’s Inbox Monitor Gmail seed accounts and look for the following:

dkim=policy (weak key)

If you’re not using Return Path’s Inbox Monitor product, you can send an email to our reflector address, [email protected] , and we will send an automated report on your authentication results, including a field for “Public Key Length.” This field should be 1024 or higher.

2.    Send an email from every domain you use to send from. This domain list should include marketing, customer service, automated, and email service providers emails.

3.    Rotate your keys frequently.

4.    Check annually to see if 1024-bit keys are still secure. As computational processing power increases, the need for stronger keys also increases.

Need an expert to help you? Contact us and we will make sure you’re prepared for any upcoming changes.

 

minute read

Popular stories

Products

BriteVerify

BriteVerify email verification ensures that an email address actually exists in real-time

DemandTools

The #1 global data quality tool used by thousands of Salesforce admins

Everest

Insights and deliverability guidance from the only all-in-one email marketing solution

GridBuddy Cloud

Transform how you interact with your data through the versatility of grids.

Return Path

World-class deliverability applications to optimize email marketing programs

Trust Assessments

A revolutionary new solution for assessing Salesforce data quality

Solutions

Validity for Email

Increase inbox placement and maximize subscriber reach with clean and actionable data

Validity for Data Management

Simplify data management with solutions that improve data quality and increase CRM adoption

Validity for Sales Productivity

Give your sales team back hours per day with tools designed to increase productivity and mitigate pipeline risks in real-time