Re: ot: dkim "fail (message has been altered)" ?
* lists: > Authentication-Results: geko.sbt.net.au (amavisd-new); > dkim=pass (1024-bit key) header.d=dossierinfotech.in.net; > domainkeys=fail (1024-bit key) > reason="fail (message has been altered)" Domainkeys is long since deprecated. Also, the DKIM signature is reported as OK, so that's not really a good example. In any case, many mailing lists break DKIM sigs by modifying the subject line or body of messages, so rejecting/discarding mail based on DKIM alone is prone to cause trouble for you. DMARC offers an approach that also includes SPF, but it has problems of its own. > is that something that can be rejected/blocked in Postfix, and how? or > where should that be utilized ? You appear to be using amavis, so I suggest you use amavis' spam scoring mechanisms instead of Postfix. -Ralph
Re: ot: dkim "fail (message has been altered)" ?
li...@sbt.net.au skrev den 2019-06-01 15:39: I'm attempting to implement dkim/dmarc, noticed that many spam messages have like "fail (message has been altered)": wow Authentication-Results: geko.sbt.net.au (amavisd-new); dkim=pass (1024-bit key) header.d=dossierinfotech.in.net; domainkeys=fail (1024-bit key) reason="fail (message has been altered)" header.from=mai...@dossierinfotech.in.net header.d=dossierinfotech.in.net run amavisd-milter ? did you report to that maillist ? mailer@ is imho a dsn of content from dsn, why did this fail ? is that something that can be rejected/blocked in Postfix, and how? or where should that be utilized ? postfix can only disable milters, so you you like to stop it, do it in opendkim, but do not reject your self from millists, eg whitelist/disable maillist milters first
ot: dkim "fail (message has been altered)" ?
I'm attempting to implement dkim/dmarc, noticed that many spam messages have like "fail (message has been altered)": Authentication-Results: geko.sbt.net.au (amavisd-new); dkim=pass (1024-bit key) header.d=dossierinfotech.in.net; domainkeys=fail (1024-bit key) reason="fail (message has been altered)" header.from=mai...@dossierinfotech.in.net header.d=dossierinfotech.in.net is that something that can be rejected/blocked in Postfix, and how? or where should that be utilized ? thanks, Voytek