On 10/17/2017 06:00 PM, Dimitri Maziuk wrote:
I've a "tactical foliage green" kufiah, best five bucks I ever spent on
an article of clothing.
I like it.
The point was that SPF will flag messages with ineptly spoofed From
addresses, and I don't seem to see any of those anymore.
;-)
As for DKIM, say you proved that the message was altered after the
postmaster@yourdomain was done with it. Now what? Depending on how you
look at it, the standard says either
- now pretend you don't know if it was altered (in your interpretation:
"maliciously") or not, or
- (in Mark's version) assume anything not signed is malicious and invalid.
I strongly dislike either alternative.
I personally work under the assumption that:
If DKIM signature validates, then I consider the message good.
If DKIM signature fails, then there is something wrong with the message,
and treat it suspiciously. Read: I increment the spam score. (If the
spam score is high enough I reject the message at SMTP time.)
If there is no DKIM signature, I continue processing normally.
--
Grant. . . .
unix || die
------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
