On 2017-10-17 19:09, Grant Taylor via Mailman-Users wrote:
If DKIM signature fails, then there is something wrong with the message,
and treat it suspiciously. Read: I increment the spam score. (If the
spam score is high enough I reject the message at SMTP time.)
If there is no DKIM signature, I continue processing normally.
Then you seem to misunderstand what crypto signatures actually do.
If signature check fails, then the message is not what its author
actually wrote. IRL it's mainly SorceForge and the like injecting its
ads into signed parts, (and the real reason google is pushing https and
dkim so hard is it's messing with their ad revenue,) but in principle if
the check fails the message *content* is *invalid*. Whoever the author
and whatever the content.
Dimitri
------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org