ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Not exactly not a threat analysis

2005-08-24 14:25:34
Hi Arvel,
At 12:56 24-08-2005, Arvel Hathcock wrote:
I agree. At present, the mere existance of a valid signature does not get you much in my MTA (a slightly positive value added to the spam filter score is about it and this probably isn't a good idea). However, just seeking off-topic advice here before I do it, would it be good or bad to run the IP of the signing domain through the existing IP-based RBLs? I would like to code for that today so I'm selfishly seeking some advice

As you and other people said, it isn't a good idea to adding a positive value for the spam filter score based on the existence of a valid signature. One might consider running the IP address of the signing domain through an existing RBL service. That brings us back to IP-based blocking.

You could have a RWL (whitelist) to verify the signing domain before assigning a positive value to your score. This would be domain based. One of the advantages of a domain-based approach is that you don't have to track IP address changes. Your customers might prefer to have their own list instead of using a lookup service operated by a third party.

Regards,
-sm
_______________________________________________
ietf-dkim mailing list
http://dkim.org