The DKIM Records risk vector is assessed based on if a company has a DomainKeys Identified Mail (DKIM) record for each of their domains and the key length of the public key found in their DNS record. Test records are assessed as if the domain does not have a record.
Issues generally stem from a public key that is too short or is malformed.
Use the dig command to display information about the listed DKIM record, assuming one has been implemented. Commands requiring specific asset data from your finding to be inserted (variables) are indicated by the bold text.
dig selector._domainkey.domain.com txt
Add +short to filter just the TXT records for the domain.
Third party tools, such as DKIMCore and DMARC Analyzer, can also be a good resource for viewing the current DKIM record in more detail.
Feedback
0 comments
Please sign in to leave a comment.