ietf-dkim

[ietf-dkim] Re: New Issue: 4.2 needs new Attack Item: InconsistentSignature vs Policy Attacks

2006-02-01 23:16:08
Hector Santos wrote:

80-84% of all SPF policies seen by SMTP receivers are NEUTRAL
(relaxed) policies.  Among these, at least 60% are Bad Actors
exploiting a RELAXED domain policy.

It's not possible to "exploit" NEUTRAL, as it's by definition the
same as NONE.  What's so unusual with 60% spam?  Apparently a
bit lower than the average.  As with DKIM the only real exploit
is a PASS from a white-listed source.

There is no reason to believe that DKIM will not have the
same form of inconsistent signature/policy (or Mixed Policy)
exploitations.

Any o=~ spam without signature is no exploit.  The domain owner
has reasons for o=~, among them the valid reason "not all of my
mails are signed".

NEUTRAL or unsigned spam is the same spam as it always was, no
"exploit".  Some spammers just ignore DKIM or SPF or your CBV,
and if you catch them with SPF FAIL or DKIM STRONG or your CBV
they bite the dust.  Working as designed.

                             Bye, Frank


_______________________________________________
ietf-dkim mailing list
http://dkim.org