https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6895
--- Comment #6 from Mark Martinec <[email protected]> ---

> Question: would (DKIM_SIGNED && !DKIM_VALID) be a reasonable test to detect
> such, or would that hit on properly-formed-but-invalid DKIM signatures as
> well, which would make it a less-useful test?

Indeed, it would not differentiate between various failure reasons, some of which may be due to recipient's mail path (mangling mailers, fetchmail, mailbox or MUA mangling, DNS failures, mail redirecting or mailing lists), some due to sender's broken setup or infrastructure.

The real value of DKIM is for whitelisting purposes (or negative score points) when a signature is valid and belongs to a trustworthy domain (reputation).

I think assigning spam score points to failed signatures is too risky due to false positive opportunities - maybe worth a small fraction of a score point, too risky for more.

> It would be best to detect malformed vs. properly-formed in the plugin
> and expose an eval for that, is that easy to do?

Maybe. Currently all the parsing is hidden in the Mail::DKIM module, so we have no access to it, and re-doing it in SpamAssassin is probably not worth the effort.

--
You are receiving this mail because:
You are the assignee for the bug.
