I've been saving the DKIM signatures on mail sent to my inbox for about the past year, so I did a little analysis on them. There's a total of 71,000 signed messages that got to the procmail delivery filter, signed by a total of 474 domains. I went through and looked up the ADSP records for all of them. I found 51 ADSP records:

    24 dkim=all
    19 dkim=unknown
     8 dkim=discardable

A few had t=s but none of the discardables did. Let's take a look at those eight records. The number on each line is the number of messages:

    135 paypal.com             dkim=discardable
     23 paypal.co.uk           dkim=discardable
      7 intl.paypal.com        dkim=discardable
      6 mail.julianhaight.com  dkim=discardable
      4 undp.org               dkim=discardable
      4 info.paypal.com        dkim=discardable
      2 info.paypal.ca         dkim=discardable
      1 info.paypal.co.uk      dkim=discardable

Six of them are Paypal, who presumably know what they're doing. Of the other two, mail.julianhaight.com is Julian's personal domain. All of the mail from that domain came through a mailing list, which tells us that he didn't follow the advice in RFC 5617.

It appears that undp.org really is a branch of the United Nations, and their mail management isn't very good. All four of those messages came from the UNDP's mail servers, all four of them had return addresses that appear to be individual users at undp.org, and all four of them are spam or phish, presumably from botted PCs. Two of the DKIM signatures verify, two don't, haven't looked hard enough to tell why not, but they were broken when they arrived at my MTA. (Look at the spamassassin lines, added at SMTP time.) They're all in my spam archive, so you can look at them yourself:

    http://spample.iecc.com/yjf/21798071
    http://spample.iecc.com/yvh/22631217
    http://spample.iecc.com/oga/22622255
    http://spample.iecc.com/gdx/22039445

Looking at the headers, this mail appears to have taken the same path that real user mail would have taken, so discardable is wrong here, too. Note that even though the mail is spam, the From: line addresses are in the domain of the sending system, so for ADSP purposes, they're OK, or would be if the signatures were good.

I admit that this isn't a very big sample, but it does say that of all the people who sent me mail in the past year, Paypal is the only one who used ADSP discardable in a way that would be useful for inbound mail handling.

R's,
John
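
The per-message outcome the message above reasons about, as an added example that is not part of the original post: a parser for ADSP TXT records as described in RFC 5617, a tally of published practices, and the ADSP result for a message given which signatures verified. All domain names, records and messages are constructed, and tags after the first are not validated.

```python
import re
from collections import Counter

# RFC 5617: a record must begin with lowercase "dkim", optional whitespace, "=".
_DKIM_TAG = re.compile(r"^dkim[ \t]*=[ \t]*([A-Za-z0-9-]+)[ \t]*(?:;|$)")
_RESULT = {"unknown": "unknown", "all": "fail", "discardable": "discard"}

def parse_adsp(txt):
    """Signing practice from an ADSP TXT record, or None if the text is not
    a valid ADSP record (handled as if nothing were published)."""
    m = _DKIM_TAG.match(txt or "")
    if not m:
        return None
    value = m.group(1).lower()
    return value if value in _RESULT else "unknown"  # unrecognised -> unknown

def adsp_result(author_domain, verified_d, txt):
    """ADSP outcome for one message.
    author_domain: domain of the From: address
    verified_d:    d= values of the DKIM signatures that verified
    txt:           ADSP TXT record of author_domain, or None if absent"""
    if author_domain.lower() in {d.lower() for d in verified_d}:
        return "pass"  # a valid Author Domain Signature settles it
    practice = parse_adsp(txt)
    return _RESULT[practice] if practice else "none"

def tally(records):
    """Count valid published practices over {domain: TXT or None}."""
    return Counter(p for p in map(parse_adsp, records.values()) if p)

# Constructed sample data (not taken from the post's mail archive).
RECORDS = {
    "bank.example": "dkim=discardable",
    "person.example": "dkim = discardable; t=s",
    "shop.example": "dkim=all",
    "news.example": "dkim=future-value",
    "broken.example": "v=spf1 -all",      # not an ADSP record
    "plain.example": None,                 # nothing published
}
MESSAGES = [  # (From: domain, d= of signatures that verified)
    ("bank.example", ["bank.example"]),    # direct, signature intact
    ("person.example", ["list.example"]),  # via a list, only the list's signature verifies
    ("shop.example", []),                  # signature broken or missing
    ("plain.example", []),
]

def run():
    return [adsp_result(dom, sigs, RECORDS.get(dom)) for dom, sigs in MESSAGES]

if __name__ == "__main__":
    print(tally(RECORDS), run())
```

The second constructed message is the mailing-list case: the author domain publishes discardable, only the list's own signature verifies, and the result is "discard".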
