ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] DKIM adoption

2009-08-02 09:32:17
from [Paul Russell] [Permanent Link] 
On 8/1/2009 00:17, Franck Martin wrote:

I was curious by Scott comment re SPF.

Is there a class of spam that cannot get a DKIM signature?

I would think botnets would be that class, as they usually infect 
computers and not sure they could DKIM sign as it would require them
to set a DNS entry too. Knowing that botnets are 70% of spam, if DKIM
could solve this one it would be great.


You will not eliminate botnet spam by requiring a valid DKIM signature on every
message accepted your mail servers.  DKIM signatures are associated with
domains, not sending IP addresses or the DNS hostnames associated with those IP
addresses.  Spammers register countless domains every day; they could easily
generate and publish DKIM keys for those domains.  The spamware used on zombies
could be modified to use sender addresses in those domains and generate DKIM
signatures for outbound messages.  There is no technical reason why it could not
be done.  On the other hand, in the absence of wide-spread adoption of DKIM by
legitimate senders, there is little, if any, incentive for spammers to move in
this direction, because it eliminates their ability to used bogus/forged sender
addresses in domains they do not control.

There are techniques which can be used to block most spam from botnets, without
the overhead of validating DKIM signatures.  Most, if not all, of these
tecniques have non-zero FP rates, but some sites have decided that the benefits
of these techniques outweigh the costs.


so my question to add to your question "Does the presence of a signature 
provide any objective data about the goodness or badness of the signer?" is:
is there a class of spam that cannot get a DKIM signature?


Probably not.  But DKIM is not designed to provide a message recipient with
the ability to determine whether a message is spam; it is designed to provide a
message recipient with the ability to determine whether a message was sent by
the apparent sender.

-- 
Paul Russell, Senior Systems Administrator
OIT Messaging Services Team
University of Notre Dame
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] DKIM adoption, John R. Levine
Next by Date:  Re: [ietf-dkim] Escaping things in key/ADSP records, Steve Atkins
Previous by Thread:  Re: [ietf-dkim] DKIM adoption, Steve Atkins
Next by Thread:  Re: [ietf-dkim] DKIM adoption, Dave CROCKER
Indexes:  [Date] [Thread] [Top] [All Lists]