>ASSP only looks to i= according to the gui:
...
GUI - 18087
If a valid DKIM or DomainKey signature is found and the signature identity
(mostly the signature tag i=u...@domain.tld) matches any of these
addresses,
...
No, I told you many times, assp uses the DKIM identity not the i= tag. If
an i= tag is not available, the d= tag provides the identity. For
DomainKey signatures the 'Sender' or 'From' header provides the identity
(they never have an i= tag).
This is only, but the important half of the truth. The DKIM RFC's
describes how a DKIM/Domainkey identiy is "calculated" - I already told
you this. Also the POD and the Code of Mail::DKIM makes this very clear.
Again - and for the last time: It is impossible to create a valid
DKIM/DomainKey signature without providing an identity. This identity is
used by ASSP - how ever this identiy is provided by the policy author or
signer or sender.
If ValidateSenderLog is enabled and DKIMWLAddresses or DKIMNPAddresses is
set, the maillog shows the detected DKIM identity for every DKIM mail. The
analyzer shows it, if a match is found (the next version will show the
identity every time).
maillog:
Apr-04-18 08:43:57 [Worker_1]......... Info: found DKIM signature identity
'user....@....domain....tld'
analyzer (1809x):
DKIM-check returned OK verified-OK for identity
'user....@....domain....tld'
>I went into more detail in the last thread
>but that irritated you Thomas
No, it frustrated me - because you are not willing to read and learn how
DKIM is working. Instead you are bothering me and the community with
things, that are already clear
CLOSED!
Thomas
Von: "K Post" <nntp.p...@gmail.com>
An: "ASSP development mailing list" <assp-test@lists.sourceforge.net>
Datum: 03.04.2018 21:35
Betreff: [Assp-test] d= DKIM validation for WL/NP Addresses
The new DKIMWLAddress / DKIMNPAddress functionality is terrific, and I
greatly appreciate you implementing it at my request. It's already helped
significantly when senders sign with a i= in their DKIM signature. Great
stuff.
I know we've been round and round on the d= only messages last week, but
I'm hoping that you are still willing to help or if my concept is flawed,
please correct me and explain where I'm going wrong.
I went into more detail in the last thread, but that irritated you Thomas,
so I won't go deeper here unless you want me to better explain myself.
Essentially, a lot of the vendors that our little charity use send
invoices when using Office365. Scammers are doing the same thing and are
being blocked. I'm getting false positives on some of the legit mail
because, well, it looks just like the spam that ASSP has been trained to
block.
We can't whitelist the legit email addresses because scammers are using
them in some cases. We can't NP the IP because it's from public Office365
servers. Fortunately, most of these messages are DKIM signed, but they're
only doing a d= signing, not an i= For the DKIMWL/NP address
functionality, ASSP only looks to i= according to the gui:
If a valid DKIM or DomainKey signature is found and the signature identity
tag (i=u...@domain.tld) matches any of these addresses....
Wouldn't checking d= if i= isn't there be something that would be
universally beneficial to ASSP users? If we trust a domain when it's DKIM
signed, just let the mail through. With the current version of ASSP, if
there's no i= signature, this won't work, but the d= entry is just waiting
there to be used....
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
