The new DKIMWLAddress / DKIMNPAddress functionality is terrific, and I
greatly appreciate you implementing it at my request. It's already helped
significantly when senders sign with a i= in their DKIM signature. Great
stuff.
I know we've been round and round on the d= only messages last week, but
I'm hoping that you are still willing to help or if my concept is flawed,
please correct me and explain where I'm going wrong.
I went into more detail in the last thread, but that irritated you Thomas,
so I won't go deeper here unless you want me to better explain myself.
Essentially, a lot of the vendors that our little charity use send
invoices when using Office365. Scammers are doing the same thing and are
being blocked. I'm getting false positives on some of the legit mail
because, well, it looks just like the spam that ASSP has been trained to
block.
We can't whitelist the legit email addresses because scammers are using
them in some cases. We can't NP the IP because it's from public Office365
servers. Fortunately, most of these messages are DKIM signed, but they're
only doing a d= signing, not an i= For the DKIMWL/NP address
functionality, ASSP only looks to i= according to the gui:
If a valid DKIM or DomainKey signature is found and the signature identity
tag (i=u...@domain.tld) matches any of these addresses....
Wouldn't checking d= if i= isn't there be something that would be
universally beneficial to ASSP users? If we trust a domain when it's DKIM
signed, just let the mail through. With the current version of ASSP, if
there's no i= signature, this won't work, but the d= entry is just waiting
there to be used....
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
