Robert Wysocki wrote, on 26.04.2012 13:07: > Hi there, > > I'm trying to achieve configuration that would verify DKIM signatures > for known signers. > Everything works fine until envelope-from address is one of known > signers. But many spams have envelope-from set differently than From: > header, eg. [email protected] in envelope-from and > [email protected] in From: header. > This enables them to bypass DKIM signature checks and therefor to bypass > one of the anti-spam mechanisms.
DKIM has no relation to envelope from. DKIM signs and protects the From: header (and others). Using envelope from for anything related to DKIM can only produce false positives, eg. common forwards. Greetings, Wolfgang -- Wolfgang Breyha <[email protected]> | http://www.blafasel.at/ Vienna University Computer Center | Austria -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
