diff --git a/default.nix b/default.nix
index 2f681d4..571abf7 100644
--- a/default.nix
+++ b/default.nix
@@ -999,6 +999,11 @@ in
       description = ''
         The key type used for generating DKIM keys. ED25519 was introduced in RFC6376 (2018).
 
+        :::{warning}
+        ED25519 DKIM keys are currently not recommended for primary use, as
+        various DKIM validators out there lack support and consider the keypair invalid.
+        :::
+
         If you have already deployed a key with a different type than specified
         here, then you should use a different selector ({option}`mailserver.dkimSelector`). In order to get
         this package to generate a key with the new type, you will either have to