Provide 2048 Bit Key for Email Sending Domain DKIM

When creating an email sending domain, a 1024 bit key is provided for DKIM. Please allow the ability to generate a 2048 bit key. Due to security, especially in the Healthcare industry, we require 2048 bit keys. Our security assessors deem a 1024 bit key as a weak key for DKIM.

HubSpot updates
2 Replies
k_damico
New Member

I agree - according to a spam testing tool, this is knocking our deliverability scores down by a fairly large margin. Here is the warning message from that tool:

The DKIM records are present but incorrectly set up. Less than 3 percent of servers actually fail like this, so this will almost certainly adversely affect deliverability. The take-up of DKIM is now so high that it is become very important to set them up correctly. The DKIM records are set with a key equal to 1024 bits. This is only just acceptable today. A longer key is recommended. Google currently use 2048 bits. (key = 1024 bits)

ron_kagan In Search of Ponies
In Search of Ponies

It seems my host also requires 2048.  Is this still an issue?