Murray S. Kucherawy schrieb:
On Thu, 28 Feb 2008, Florian Sager wrote:
Thanks for this reminder, I forgot about this draft: maybe section
4.1 can be extended by s.th. like "a Reports are requested for passed
signatures inside mails with suspicious content". The same intent may
already be included in 4.2 "s ... signed and Suspicious".
Not a bad idea. Any comments from others?
I wrote a small script that reports spam mails - received in spam traps
- to the optional r-address defined in
draft-kucherawy-dkim-reporting-01.txt in ARF format (currently ro=all
has to be set).
http://www.mipassoc.org/arf/specs/draft-shafranovich-feedback-report-02.html#rfc.section.4
claims that the original email has to be contained (with rather few
modifications). Unfortunately any information sent back to the signing
authority (that should be linked to the reporting address) can be used
to detect the spamtraps (even the subject, the DKIM identity or the date
contained in the first section of the ARF report could be correlated to
a spam trap address).
Any ideas how to handle this? I guess "give no feedback" is the
unsatisfying solution.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html