Recently had a customer go through an Third Party Security Audit and found out

• Issue: The public DKIM key size is 1024 bits, which is below the recommended minimum of 2048 bits.
• Impact: Shorter keys may be vulnerable to cryptographic attacks and reduce email authentication strength.
• Recommendation: Please generate a new DKIM keypair with a key size of 2048 bits or greater using OpenSSL or your preferred SSL tool, and update your DNS records accordingly.

The problem was this customer had been taken from another provide so we had no logs of what the existing DKIM keys were being used for and the Keys were generic

The first question was were they were being still used?

As we used Cloudflare we could actually audit the DNS Records if there we being asked for

Change the Analytics to 7 Days