If you know the selector for a domain, and you want to check the strength of the key in use, you can find that by following this procedure:
(if you do not know the selector, look for it in the content of s= in the DKIM-Signature header of a message from the domain in question)
- Retrieve the public key:
dig +short txt s1024._domainkey.agari.com
"v=DKIM1\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQwPqBxkIOc1YVnJv3Occfbd3S68p8E5BafsirMBaSPxqIgnzaxNSyPp8INEPL61cIRKo3u195Px5XHNwjEfq76BvDu7eUYXxY8zKcAS74heKAeyfpVaMFWHUzCoujPNzzorCIRtP5CuY+ILw+Vj1SKN6xlBWhouCSHWhOr/vcYQIDAQAB" - Place the content of the p= section (without the 'p=') in a file. In the file the top and bottom lines respectively should be:
-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----
The content needs to be no longer than about 78 characters per line, so you should end up with a file with content like so:
-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQwPqBxkIOc1YVnJv3Occfbd3S68p8E5BafsirMBaSPxqIgnzaxNSyPp8INEPL61cIRKo3u195Px5XHNwjEfq76BvDu7eUYXxY8zKcAS74heKAeyfpVa MFWHUzCoujPNzzorCIRtP5CuY+ILw+Vj1SKN6xlBWhouCSHWhOr/vcYQIDAQAB -----END PUBLIC KEY----- - Save the file and run this openssl command (results will appear assuming you have named the file 'keytest'):
openssl rsa -noout -text -pubin < keytest
Public-Key: (1024 bit)
Modulus:
00:d0:c0:fa:81:c6:42:0e:73:56:15:9c:9b:f7:39:
c7:1f:6d:dd:d2:eb:ca:7c:13:90:5a:7e:c8:ab:30:
16:92:3f:1a:88:82:7c:da:c4:d4:b2:3e:9f:08:34:
43:cb:eb:57:08:44:aa:37:bb:5f:79:3f:1e:57:1c:
dc:23:11:fa:bb:e8:1b:c3:bb:b7:94:61:7c:58:f3:
32:9c:01:2e:f8:85:e2:80:7b:27:e9:55:a3:05:58:
75:33:0a:8b:a3:3c:dc:f3:a2:b0:88:46:d3:f9:0a:
e6:3e:20:bc:3e:56:3d:52:28:de:b1:94:15:a1:a2:
e0:92:1d:68:4e:af:fb:dc:61
Exponent: 65537 (0x10001)
The '1024 bit' shown in that output is the key strength.
Or you could use an online tool like protodave - http://www.protodave.com/tools/dkim-key-checker/
It will do the donkey work for you.