Translations:Tech:Compromised Handling/19/en

The DKIM key should be immediately re-generated and re-deployed (see Tech:Mail for instructions). A DKIM key allows someone to authenticate and sign emails from the domain miraheze.org, as such it has a serious consequence as social engineering attacks can be viewed as legitimate by mail servers around the world (As of August 2016, this only forms part of successful verification and social engineering - if the mail fails SPF checks, it will be rejected at the SMTP level). The public key is listed in the DNS record for @ miraheze.org and this should be pulled immediately from deployment. An investigation into how the key was obtained should be launched.