Hello,
i recently created ssl certificated to implement tls in one of our smtp servers since saslauth was implemented. The first command that i used was:
this clearly shows that the it's 1024 bit key. But when i sent a test mail through an email client i was it as 128 bit key i the header and showed the same in the log too Why is it so and if 128 bit has been created how do i make it at least 512 or greater bits key?

This is perfectly normal. There are two keys involved here: a 1024 bit asymmetric RSA key (for authentication purposes) and a 128 bit (or longer) symmetric session key (to do the actual encryption).

(1024 bit is a bit on the short side for an RSA key, actually. Most CAs will reject Certificate Signing Requests if the RSA key is not at least 2048 bit.)

thank u for the reply.

Oh then how can i make the symmetric key longer now,i mean more than 128 bits since u said that's the one which does the encryption? Or is the symmetric key always 128 bit only?

No, the symmetric SSL key can be anything from 56-bit DES to 256-bit AES. It's up to the server/application doing the SSL/TLS handshake to decide which algorithms to accept and what the minimum keylength should be.

A 128-bit symmetric key should provide more than adequate security, assuming the algorithm itself and the key exchange process isn't flawed. For instance, 128-bit AES is fine, while 128-bit RC4 should be avoided. 168-bit 3DES ("keying option 3") is so-so; it has no obvious flaws, but requires considerably more processing power than AES. 3DES was only created as a stop-gap measure in 1998, meant to temporarily replace the by then hopelessly outdated DES algorithm while the AES standard was being finalized.