
Summary

SHA1 DKIM keys are no longer considered secure and are officially deprecated due to known cryptographic vulnerabilities, including susceptibility to collision attacks. While some older or less security-conscious systems may still technically accept SHA1 signatures, relying on them presents a significant risk to email deliverability. Modern email providers and industry standards strongly recommend, and in some cases, effectively require, the use of SHA256 for DKIM. Continuing to use SHA1 can lead to emails being rejected, deprioritized, or treated as untrusted, thereby negatively impacting inbox placement. Therefore, an immediate transition to SHA256 is crucial for maintaining robust email authentication and ensuring successful email delivery.

Key findings

  • SHA1 is insecure and deprecated: SHA1 is considered cryptographically broken and deprecated for DKIM signing by official standards, including RFC 8301 and guidance from NIST. It is vulnerable to collision attacks, making it unsuitable for secure digital signatures.
  • Significant deliverability risk: Using SHA1 for DKIM poses a substantial risk to email deliverability. Receiving email providers, especially those with no-tolerance security policies like Gmail, are likely to reject, deprioritize, or distrust emails signed with this insecure algorithm, impacting inbox placement.
  • Industry shift to SHA256: The email industry is rapidly moving away from SHA1. Modern email service providers and major platforms (like Postmark and Microsoft 365, which recommends SHA256) have adopted or strongly advise using SHA256 as the standard for DKIM, highlighting the critical need for an upgrade.
  • RFC 8301 deprecation: According to RFC 8301, DKIM signatures created with historic algorithms such as rsa-sha1 should be considered to have 'permanently failed evaluation.' This official deprecation underscores the urgency for senders to transition to SHA256 or stronger algorithms.

Key considerations

  • Immediate migration to SHA256: Prioritize migrating all DKIM keys from SHA1 to SHA256 immediately. This proactive step helps maintain robust email authentication and ensures long-term deliverability, as modern mail servers increasingly enforce stricter security policies.
  • Untrusted key perception: Even if an SHA1 DKIM signature technically passes validation, many receiving servers may treat it as untrusted. This perception can significantly impact inbox placement, potentially leading to emails being flagged as suspicious or routed to spam folders.
  • Observe deliverability changes: While fixing SHA1 DKIM issues is critical, be aware that positive changes in email deliverability and inbox placement might not be immediately apparent in your data. It can take a few weeks for the full impact of the change to become visible.
  • Future-proof your authentication: The email security landscape is continuously evolving towards stronger cryptographic algorithms. Adopting SHA256 now is essential to future-proof your email authentication strategy and avoid potential deliverability challenges as verification policies become more stringent.
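The RFC 8301 rule quoted in the key findings ("rsa-sha1 has permanently failed evaluation") and the migration advice above both come down to one audit: find every signer still emitting `a=rsa-sha1` and check that the key records you publish for the replacement selectors will actually accept SHA256 signatures. The following Python script is an added example, not code from Suped or from any of the commenters quoted on this page. It parses DKIM-Signature header values and DKIM DNS TXT records from constructed sample data, classifies each signature's algorithm the way an RFC 8301 verifier would, and flags a key record whose optional `h=` tag would restrict the key to SHA1. It does no cryptographic verification of the `b=` value; the verdict is about the algorithm only.

```python
import re
from typing import Dict, List

# RFC 8301 section 3.1 removes rsa-sha1 from the DKIM algorithm set; a verifier
# that follows it treats such signatures as having permanently failed.
HISTORIC_ALGORITHMS = {"rsa-sha1"}
# Signing algorithms RFC 8301 keeps (rsa-sha256) or introduces (ed25519-sha256).
ACCEPTED_ALGORITHMS = {"rsa-sha256", "ed25519-sha256"}


def parse_tags(value: str) -> Dict[str, str]:
    """Parse a DKIM tag=value list (header value or DNS record) into a dict.

    Folding whitespace inside values is discarded, as DKIM verifiers do
    (RFC 6376 section 3.2), so a header folded across lines parses the same
    as an unfolded one.
    """
    tags: Dict[str, str] = {}
    for part in value.split(";"):
        if "=" not in part:
            continue
        name, _, val = part.partition("=")
        tags[name.strip()] = re.sub(r"\s+", "", val)
    return tags


def classify_signature(header: str) -> str:
    """Classify one DKIM-Signature value by its a= tag only.

    'permfail'          : historic algorithm, fails under RFC 8301
    'pass-candidate'    : accepted algorithm (signature itself not verified here)
    'unknown-algorithm' : anything else, e.g. a missing or misspelled a= tag
    """
    alg = parse_tags(header).get("a", "").lower()
    if alg in HISTORIC_ALGORITHMS:
        return "permfail"
    if alg in ACCEPTED_ALGORITHMS:
        return "pass-candidate"
    return "unknown-algorithm"


def audit_signatures(headers: List[str]) -> Dict[str, str]:
    """Map 'selector._domainkey.domain' to a verdict for a batch of signatures.

    Grouping by selector and domain gives the list of keys that still have
    to be rotated to a SHA256 signer.
    """
    verdicts: Dict[str, str] = {}
    for header in headers:
        tags = parse_tags(header)
        name = f"{tags.get('s', '?')}._domainkey.{tags.get('d', '?')}"
        verdicts[name] = classify_signature(header)
    return verdicts


def record_allows_sha256(txt_record: str) -> bool:
    """Return True if a published DKIM key record will accept SHA256 signatures.

    The optional h= tag lists the hash algorithms the key may be used with;
    when it is absent every algorithm is allowed. A record left at h=sha1 makes
    a freshly migrated SHA256 signer fail, so check it before cutting over.
    """
    allowed = parse_tags(txt_record).get("h")
    if allowed is None:
        return True
    return "sha256" in {alg.lower() for alg in allowed.split(":")}


# Constructed sample data: example.com / example.net selectors and placeholder
# bh=, b= and p= values. None of this is real key material.
SAMPLE_HEADERS = [
    "v=1; a=rsa-sha1; c=relaxed/relaxed; d=example.com; s=legacy2019; "
    "h=from:to:subject; bh=AAAA; b=BBBB",
    "v=1; a=rsa-sha256; c=relaxed/simple; d=example.com; s=s2024;\r\n\t"
    "h=from:to:subject:date; bh=CCCC; b=DDDD",
    "v=1; a=ed25519-sha256; c=relaxed/relaxed; d=example.net; s=ed1; "
    "h=from:to; bh=EEEE; b=FFFF",
]
SAMPLE_RECORDS = {
    "legacy2019._domainkey.example.com": "v=DKIM1; k=rsa; h=sha1; p=PLACEHOLDER",
    "s2024._domainkey.example.com": "v=DKIM1; k=rsa; p=PLACEHOLDER",
}

if __name__ == "__main__":
    for name, verdict in audit_signatures(SAMPLE_HEADERS).items():
        print(f"{name}: {verdict}")
    for name, txt in SAMPLE_RECORDS.items():
        state = "accepts sha256" if record_allows_sha256(txt) else "RESTRICTED to sha1"
        print(f"{name}: {state}")
```

Run it against headers harvested from your own outbound mail (the `DKIM-Signature` value, folded or not) and the TXT records you publish; every `permfail` selector is one that needs a new SHA256 key, and any record reported as restricted to sha1 must be republished before the new signer goes live.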

What email marketers say

10 marketer opinions

Relying on SHA1 for DKIM signatures presents a significant and growing risk to email deliverability. This cryptographic algorithm is now widely considered insecure due to demonstrated vulnerabilities, including collision attacks, and has been officially deprecated by industry standards. While some email providers may still technically process SHA1-signed emails, the increasing stringency of security checks means these messages are highly likely to be rejected, quarantined, or deprioritized, essentially equating to a failed authentication. The consensus among deliverability experts and formal RFCs is clear: immediate migration to SHA256 is essential. Continuing to use SHA1 is akin to having no authentication at all, as mail servers actively look for reasons to distrust traffic, ultimately leading to severe negative impacts on inbox placement.

Key opinions

  • SHA1's cryptographic weakness: SHA1 is no longer considered cryptographically secure due to its vulnerability to collision attacks. This makes it an outdated and deprecated algorithm for securing DKIM signatures.
  • Significant deliverability risk: Emails signed with SHA1 face a high risk of rejection, deprioritization, or being routed to spam folders by modern email providers. Many providers, like Gmail, have a zero-tolerance policy for security vulnerabilities.
  • Official deprecation by standards: According to RFC 8301, DKIM signatures created with historic algorithms, such as rsa-sha1, are considered to have 'permanently failed evaluation'. This formal deprecation underscores the critical need for an upgrade.
  • Industry shift to SHA256: The email industry strongly advocates and is rapidly moving towards SHA256 as the standard for DKIM. This shift reflects the need for stronger cryptographic algorithms to ensure robust email authentication.

Key considerations

  • Prioritize SHA256 upgrade: It is crucial to immediately transition all DKIM keys from SHA1 to SHA256. This ensures compliance with current security standards and proactively prevents deliverability challenges.
  • Impact on email trust: Even if an SHA1 DKIM signature is technically accepted, mail servers often view emails signed with this algorithm as untrustworthy. This perception can lead to lower inbox placement rates and an increased likelihood of messages being filtered as spam.
  • Observe gradual deliverability changes: While the technical fix should be applied immediately, improvements in email deliverability and inbox placement metrics may not be instantly visible. It can take several weeks for the full positive impact to become apparent.
  • Proactive security posture: Migrating to SHA256 is a vital step in maintaining a robust email authentication strategy. It helps future-proof your email deliverability against evolving security requirements and stricter policies from receiving mail servers.

Marketer view

Marketer from Email Geeks explains that if a DKIM key is not trusted due to insecurity, it will likely be an issue for deliverability, especially with providers like Gmail having a no-tolerance policy for security. SHA1 is insecure because it is computationally too easy to crack and has been vulnerable to collision attacks for a while. She recommends ensuring all the latest security measures are enabled to avoid filters rejecting or deprioritizing traffic. She notes that using a vulnerable algorithm for DKIM is close to not having one, as mail servers look for any reason to reject traffic. She advises fixing it immediately, though acknowledging that immediate deliverability changes might take a couple of weeks to become apparent in data.

28 Jun 2022 - Email Geeks

Marketer view

Marketer from Email Geeks confirms that SHA1 DKIM keys are deprecated in RFC8301 and should be replaced. He cites the RFC, stating, "DKIM signatures identified as having been signed with historic algorithms (currently, rsa-sha1) have permanently failed evaluation," confirming the critical need for an upgrade.

30 Nov 2024 - Email Geeks

What the experts say

3 expert opinions

SHA1 DKIM keys are widely seen as insecure and have been officially deprecated by industry experts due to known cryptographic vulnerabilities. While a SHA1 key might still technically pass validation with some receiving servers, its inherent insecurity means it is often perceived as untrustworthy. This lack of trust can directly and significantly impact email deliverability, potentially leading to emails being rejected, quarantined, or routed to the spam folder. The strong recommendation across the deliverability community is to immediately transition from SHA1 to SHA256 to ensure robust email authentication, maintain sender reputation, and secure reliable inbox placement in the evolving email ecosystem.

Key opinions

  • SHA1 is insecure and deprecated: SHA1 for DKIM is no longer considered secure for digital signatures. It has known vulnerabilities, making emails susceptible to forgery and has been officially deprecated by industry consensus.
  • Negative impact on trust and deliverability: While a SHA1 key might still pass DKIM validation, it is not trusted by receiving servers. If treated as an untrusted key, it can be perceived as not being DKIM signed at all, directly impacting inbox placement.
  • Industry shift away from SHA1: The email industry is moving away from SHA1 due to its insecurity. Major providers may eventually stop accepting SHA1 keys, which could significantly impact future deliverability.
  • SHA256 is the recommended standard: Both SHA1 and SHA256 DKIM keys may currently be accepted, but SHA256 is recommended for all new and existing implementations due to its superior security and industry adoption.

Key considerations

  • Prioritize migration to SHA256: It is crucial to promptly transition all DKIM keys from SHA1 to SHA256. This ensures your email authentication aligns with current security standards, proactively mitigating potential deliverability challenges.
  • Untrusted key perception: Even if an SHA1 DKIM signature passes validation, many receiving servers will treat it as untrustworthy. This perception can severely impact inbox placement, potentially causing emails to be flagged as suspicious or routed to spam folders.
  • Addressing security vulnerabilities: Despite some current acceptance by major email providers, SHA1 is considered less secure and has known vulnerabilities. Migrating to SHA256 addresses these security risks for both new and existing DKIM implementations.
  • Future-proof authentication: Adopting SHA256 now is a vital step in maintaining a robust email authentication strategy. It helps future-proof your email deliverability against evolving security requirements and stricter policies from receiving mail servers.

Expert view

Expert from Email Geeks advises against using old, insecure SHA1 DKIM key types as they can affect deliverability. While a SHA1 key might still pass DKIM validation, it does not mean it will be trusted by receiving servers. If treated as an untrusted key, it may be perceived as not being DKIM signed at all, potentially impacting inbox placement. Based on new information regarding RFC deprecation, she fully endorses fixing it immediately.

10 Aug 2024 - Email Geeks

Expert view

Expert from Spam Resource explains that while SHA1 for DKIM was previously accepted, it is no longer considered secure for digital signatures and makes emails vulnerable to forgery. Although major providers like Gmail accepted it, the industry's move away from SHA1 suggests that mail providers may eventually stop accepting it, which could impact future deliverability.

1 Sep 2023 - Spam Resource

What the documentation says

5 technical articles

SHA1 DKIM keys are no longer considered cryptographically sound and have been officially deprecated, carrying significant implications for email deliverability. While a small number of legacy systems might still process them, the overwhelming consensus among industry bodies and major email providers is that SHA1 is insecure due to known vulnerabilities. Relying on this outdated algorithm means that emails signed with SHA1 are increasingly likely to be distrusted, rejected, or routed to spam folders by recipient mail servers. Therefore, an immediate and thorough migration to SHA256 is vital to maintain robust email authentication and secure reliable inbox placement.

Key findings

  • SHA1's inherent insecurity: The SHA1 algorithm is cryptographically weak and has been formally deprecated for DKIM signing, notably by IETF RFC 8461, due to its susceptibility to collision attacks.
  • Widespread deprecation and distrust: Global security bodies like NIST have long advised against SHA1 for digital signatures, indicating that any protocol, including DKIM, relying on it is inherently less secure and prone to distrust by modern systems.
  • Industry shift to SHA256: Major email platforms and service providers, such as Postmark and Microsoft 365, have either fully adopted or strongly recommend SHA256 for DKIM, highlighting the industry's move away from SHA1.
  • Negative deliverability impact: Continued use of SHA1 for DKIM can lead to emails being perceived as untrustworthy, potentially resulting in verification failures, rejection, or misclassification as spam by receiving mail servers.

Key considerations

  • Prioritize the SHA256 upgrade: It is paramount to migrate all DKIM keys from SHA1 to SHA256 without delay. This action is critical for aligning with current security standards and preventing future deliverability issues.
  • Enhance email authentication trust: Implementing SHA256 fortifies your email authentication, which is crucial for building and maintaining trust with receiving mail servers and improving overall sender reputation.
  • Proactive security measure: Updating to SHA256 for DKIM is a proactive step that helps future-proof your email deliverability strategy against evolving security mandates and stricter validation policies across the email ecosystem.
  • Risk of deliverability degradation: Despite potential temporary acceptance by some systems, the continued reliance on SHA1 significantly increases the risk of emails being flagged as suspicious or delivered to junk folders over time.

Technical article

Documentation from IETF (RFC 8461) states that SHA1 is considered cryptographically broken and is deprecated for use in DKIM signing. While it notes that some older or less security-conscious verifiers might still accept it, senders should transition to SHA256 or stronger algorithms for new deployments to maintain security and avoid potential issues with future verification policies.

29 Apr 2022 - IETF

Technical article

Documentation from Postmark indicates that their DKIM records use SHA256, signaling that modern email service providers have adopted the stronger hash algorithm. This practice helps ensure the cryptographic integrity of signed emails, which is crucial for successful deliverability and avoiding potential issues with receiving servers that may distrust SHA1.

6 Sep 2023 - Postmark
