Bill Cole wrote (2025-11-12 17:52):
A valid DKIM signature is not very useful *by itself* in deciding
whether a particular message is ham or spam. Spammers know how to
set up DKIM. That would normally be a reason to make it an unscored
sub-rule (i.e. __DKIM_VALID) however because we believed users may
want to know that without needing to dig too deeply, so we made it
a rule on its own. Giving it a -0.1 score is just a way to make it
essentially meaningless on its own. Arguably it should be -0.01,
but that shows up in some cases as "-0.0" which would be confusing.
On 13.11.25 10:29, Thomas Barth via users wrote:
I understand this and it's ok. I just want to get DKIM_INVALID if the
signature is invalid. I am trying to find out why the results differ
and who is right, opendkim or SA's dkim-check. opendkim itself
actually works for me with regular emails, even if two signatures have
to be checked.
Sorry I missed your first email...
Are you sure the SA header comes from your server?
Perhaps spammer injected own one?
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"The box said 'Requires Windows 95 or better', so I bought a Macintosh".
