On Fri, Oct 3, 2008 at 5:52 PM, Eric Shubert <[EMAIL PROTECTED]> wrote:
> Felix Buenemann wrote:
>> Hi,
>>
>> I agree with Arthur and Bgs in that SPF is a smarter thing to check,
>> because it can be done without checking headers and currently has a much
>> wider disribution base.
>>
>> IMHO the only way to properly reject DKIM failed mail is at the end of
>> the DATA command, which is exactly how eg. simscan rejects virii or spam
>> mail. So IMHO DKIM verification is something to do for a queue-handler
>> not a frot end smtp handler, that is geared for high performance. (This
>> is based on the assumtion, that spamdyke deals with 99% of the scam with
>> very little cpu time, thus reducing server load and leaving more in
>> depth checks to those mails that slip through spamdyke's already tight web.)
>>
>> -- Felix
>
> Good thinking, Felix. Some things just don't belong in spamdyke as is.
>
> --
> -Eric 'shubes'
>
I am not sure if this has been implemented, but this should be at the
top, right?
Fix the DNS spoofing "bug" by randomizing the outbound port with every query.
Try not to panic about it like CERT/CC did.
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
