Rotate DKIM keys every month or so
As a cPanel / WHM customer and an administrator of a VPS, I would like cPanel to consider rotating DKIM keys on a regular basis. DKIM keys are a little bit like SSL certificates in the sense that if the private key gets leaked, people could use the private keys to forge e-mails and make them look like they came from the server that the DKIM key belongs to.
Companies like Let's Encrypt allow users to create valid SSL certificates that are only valid for a maximum of three months. They do this in case the private key gets leaked. If the administrator doesn't know, whoever has obtained the private key will only be able to use it for a maximum of three months, depending on when they acquired the key.
I feel that cPanel should do something similar with the DKIM keys. Personally, I feel new DKIM keys should be generated at least once a month and the new keys should replace the old keys.
Replies have been locked on this page!