On 10/17/2017 06:00 PM, Dimitri Maziuk wrote:
I've a "tactical foliage green" kufiah, best five bucks I ever spent on an article of clothing.

I like it.

The point was that SPF will flag messages with ineptly spoofed From addresses, and I don't seem to see any of those anymore.

;-)

As for DKIM, say you proved that the message was altered after the postmaster@yourdomain was done with it. Now what? Depending on how you look at it, the standard says either - now pretend you don't know if it was altered (in your interpretation: "maliciously") or not, or
- (in Mark's version) assume anything not signed is malicious and invalid.
I strongly dislike either alternative.

I personally work under the assumption that:

If DKIM signature validates, then I consider the message good.

If DKIM signature fails, then there is something wrong with the message, and treat it suspiciously. Read: I increment the spam score. (If the spam score is high enough I reject the message at SMTP time.)

If there is no DKIM signature, I continue processing normally.



--
Grant. . . .
unix || die

------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Reply via email to