On 5/23/11 6:35 PM, John R. Levine wrote:
>> In the real world signature reliability matters. If a domain signs mail
>> as a rule then an absent or broken signature will be treated as
>> suspicious.
> I hope you're wrong, since that violates an explicit SHOULD in RFC 4871,
> and in my experience, most broken signatures are due to innocent
> modification in transit, not malice.
>
> Do you have numbers to show that broken signatures indicate that messages
> are malicious, or spam, or otherwise worse than otherwise?
SpamAssassin assigns a score of something like 0.1 for a message carrying a DKIM signature and compensates that with -0.1 if the signature can be verified to be correct. Effectively, this means SA is penalizing broken signatures...

/rolf

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
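The two points above (a mailing-list footer or similar in-transit edit is enough to break a signature, and SpamAssassin's signed/verified rule pair nets out to a small penalty only when the signature no longer verifies) can be made concrete. The following is an added example, not code from this thread, from SpamAssassin, or from any DKIM implementation. It implements RFC 6376 "relaxed" body canonicalization and the body hash (bh=) on top of it, then models the scoring with two hypothetical rule names, DKIM_SIGNED and DKIM_VALID, at the +0.1 / -0.1 values Rolf quotes; those names and values are assumptions, not read from a live ruleset. The message body and the list footer are constructed sample data. Only the body-hash half of verification is modelled; a real verifier also checks the header hash and fetches the key from DNS.

```python
"""DKIM relaxed body hash vs. innocent in-transit changes, plus a model of
SpamAssassin's signed/valid scoring. Added example; rule names and scores
are assumptions, not SpamAssassin's actual ruleset."""
import base64
import hashlib
import re
from typing import List, Optional, Tuple

# Assumed scores: the reply above says "something like 0.1" and "-0.1".
ASSUMED_SCORES = {"DKIM_SIGNED": 0.1, "DKIM_VALID": -0.1}


def relaxed_body_canon(body: str) -> bytes:
    """RFC 6376 section 3.4.4 'relaxed' body canonicalization:
    collapse runs of WSP to one SP, strip trailing WSP per line, drop
    trailing empty lines, end a non-empty body with a single CRLF."""
    lines = body.replace("\r\n", "\n").split("\n")
    out = []
    for line in lines:
        line = re.sub(r"[ \t]+", " ", line)   # runs of WSP -> single SP
        line = line.rstrip(" \t")              # trailing WSP removed
        out.append(line)
    while out and out[-1] == "":               # trailing empty lines removed
        out.pop()
    if not out:
        return b""                             # empty body stays empty
    return ("\r\n".join(out) + "\r\n").encode("utf-8")


def body_hash(body: str) -> str:
    """The bh= value a signer computes: base64(sha256(canonical body))."""
    digest = hashlib.sha256(relaxed_body_canon(body)).digest()
    return base64.b64encode(digest).decode("ascii")


def sa_dkim_score(signed_bh: Optional[str], body: str) -> Tuple[List[str], float]:
    """Hypothetical rule model: DKIM_SIGNED fires when a signature is present,
    DKIM_VALID when the signed bh= still matches the body as received.
    Returns (rule hits, net score contribution)."""
    hits: List[str] = []
    if signed_bh is not None:
        hits.append("DKIM_SIGNED")
        if body_hash(body) == signed_bh:
            hits.append("DKIM_VALID")
    return hits, sum(ASSUMED_SCORES[h] for h in hits)


# Constructed sample body, a whitespace-mangled copy, and a constructed list footer.
ORIGINAL = "Hi,\r\n\r\nbroken signatures are mostly innocent.\r\n\r\n/rolf\r\n"
WS_CHANGED = ("Hi,  \r\n\r\nbroken signatures are   mostly innocent.   "
              "\r\n\r\n/rolf\r\n\r\n\r\n")
FOOTER = "_______________________________________________\r\nNOTE WELL: ...\r\n"


def scenarios():
    """Sign once (bh over ORIGINAL), then score what each receiver would see."""
    bh = body_hash(ORIGINAL)
    return {
        "signed, untouched": sa_dkim_score(bh, ORIGINAL),
        "signed, whitespace mangled (relaxed survives)": sa_dkim_score(bh, WS_CHANGED),
        "signed, list footer appended (bh breaks)": sa_dkim_score(bh, ORIGINAL + FOOTER),
        "unsigned": sa_dkim_score(None, ORIGINAL),
    }


if __name__ == "__main__":
    for name, (hits, net) in scenarios().items():
        print(f"{name:48s} {hits} net={net:+.1f}")
```

Under relaxed canonicalization the whitespace-only edit still verifies, so the innocent breakage Levine describes is typically something more substantial (a footer appended by a list, a rewritten Subject, a re-encoded part), and under this scoring model the broken-signature message ends up a net +0.1 worse than an unsigned one.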
