I've seen spam with List-ID: headers, but I don't think they were of the type I described. If messages that (look like they) come from mailing lists are less likely to be blocked by filters (whether this is because of DKIM or for some other reason), I'm sure spammers will one day make use of it.
To me this means two things: a) as a receiver (i.e. filter) you should never second guess why a DKIM signature is broken (I don't think anyone ever suggested one should); b) as a sender, if your mail is so important that it should be discarded if the DKIM signature is broken, don't send it through systems that are likely to break it. Martijn. > -----Original Message----- > From: Dave CROCKER [mailto:[email protected]] > Sent: 04 August 2010 18:35 > To: Martijn Grooten > Subject: Re: [ietf-dkim] Clarifying DKIM (etc.) expectations for > mailing lists in the face of digests > > > That sounds like a theoretical attack. Are there examples of this > being done in > the wild? Do the examples demonstrate actual utility? > > d/ > > On 8/4/2010 10:29 AM, Martijn Grooten wrote: > >> What is the security model that makes this expectation of > preservation > >> important > >> and reasonable, given that it is so easily and whimsically violated > by > >> a common > >> recipient-selectable setting? > > > > There's a scenario where a spammer/phisher sets up a mailing list, > adds a bunch of addresses to the list and then sends a message with a > paypal.com From: address through the list. The DKIM signature will > obviously be invalid, but a MTA/spam filter won't be able to decide > whether this is because the message didn't really come from Paypal, or > because it did but the mailing list broke it. > > > > Martijn. > > > > Virus Bulletin Ltd, The Pentagon, Abingdon, OX14 3YP, England. > > Company Reg No: 2388295. VAT Reg No: GB 532 5598 33. > > > > -- > > Dave Crocker > Brandenburg InternetWorking > bbiw.net Virus Bulletin Ltd, The Pentagon, Abingdon, OX14 3YP, England. Company Reg No: 2388295. VAT Reg No: GB 532 5598 33. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
