On 29/03/07, John W. Baxter <[EMAIL PROTECTED]> wrote: > On 3/29/07 9:51 AM, "Marc Perkel" <[EMAIL PROTECTED]> wrote: > > > Are domain keys something useful? I saw some messages about Exim and > > domain keys and just wondering if I'm missing out on something. > > Well, lots of spam comes to us with domain keys (or DKIM, perhaps). Except > for "trusted domains" the headers are almost a red flag, and if I had a more > complete set of trusted domains, I might well add spam points for having > domain keys. > > Remember, the spammers will destroy any good idea.
To expand on your point - Domainkeys and DKIM, along with SPF, allow you to confirm with a degree of cerrtainty that the purported sender of the mail did indeed send it. The fact that a message has a signature that validates (DK/DKIM) or an SPF PASS shouldn't in itself tell you that it's a message you want to accept. Combined with a whitelist and a blacklist of trusted and unwanted senders respectively, it starts to get useful. For example, assuming you want to receive email from paypal.com, you can use DK to sift the real paypal.com email from the phishing attempts with 100% accuracy. (OK, someone will demonstrate a corner case which makes it less than 100%.....) > Remember, the spammers will destroy any good idea. bignastyspammer.com confirming their identity with DK/DKIM or SPF may be a neutral thing (if you know nothing already about bignastyspammer.com), or a good thing (you already know bignastyspammer.com are spammers and you can reject with certainty). And if neutral, your content scanner or your users can help train your blacklist. Either way, it's definitely not a bad thing. Peter -- Peter Bowyer Email: [EMAIL PROTECTED] -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
