Murray S. Kucherawy wrote: > > The first field of the Authentication-Results: header is the hostname of > the host adding the header. Can you check that to verify?
It works OK, but... I was thinking about two low probabilities situations. If I was a spammer, I'd add a faked "Authentification-Results" header. This trick can work if : * for some reason, dkim-filter unluckly dies friday night, and stay dead during all week-end. In this case, forged Authentication-Results will be passed to my filter who will consider it's OK. * for some reason, dkim-filter is running but it doesn't remove previous authentication headers. Is this possible without a misconfiguration issue ? Am I wrong ? -- --------------------------------------------------------------- Jose Marcio MARTINS DA CRUZ http://j-chkmail.ensmp.fr Ecole des Mines de Paris 60, bd Saint Michel 75272 - PARIS CEDEX 06 mailto:[EMAIL PROTECTED] ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
