Eric Shubert wrote: > Sam, > > I see in the TODO file for 4.0 that adding SPF/CSV/Sender ID/DomainKeys/DKIM > checking is ranked as a todo-later item. I don't care so much about > CSV/SenderID/DomainKeys, but I'd like to see the others implemented sooner > than later. > > In particular, DKIM signatures are reportedly (2/08) being implemented at > PayPal and eBay, and I'd expect other (large) financial institutions to be > implementing it soon as well. I think it'd be great to have spamdyke > rejecting invalid DKIM signatures. This isn't so much simply an anti-spam > measure, but a solution to a very real security threat (identity theft). > > SPF checking is presently available in qmail-toaster, so that's not a high > priority for me. However, I think it's more appropriately done by spamdyke > than (a patched) qmail, so I'd like to see you do this as well. > > As far as DomainKeys goes, the qmail-toaster implementation of this, at > least on the checking side, is somewhat broken, so it'd be nice to have, but > I don't honestly think it's being used, as it's being pretty much replaced > with DKIM. My guess is that CSV and SenderID are also not worth the trouble > to implement. > > I hope that others will share their opinions on this as well. I could be > wrong (again). ;) > > Thanks for the great work with spamdyke. >
FWIW, some surveys regarding mail authentication: http://www.sendmail.org/dkim/surveyFortune1000 http://www.sendmail.org/dkim/surveyUsBanking -- -Eric 'shubes' _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users