On Monday, May 23, 2011 12:35:02 PM John R. Levine wrote:
In the real world signature reliability matters. If a domain signs mail
as a rule then an absent or broken signature will be treated as
suspicious.
I hope you're wrong, since that violates an explicit SHOULD in RFC 4871,
and in my experience, most broken signatures are due to innocent
modification in transit, not malice.
Which one is that? AFAIK treating a broken signature the same as no signature
is what the RFC wants me to do.
Do you have numbers to show that broken signatures indicate that messages
are malicious, or spam, or otherwise worse than otherwise?
None that I can share unfortunately. IME no signature is more suspicious than
a broken one (as you suggest, I think most breakage is innocent), but putting
broken and no signature into the same bucket is the most sensible and RFC
compliant way to approach it.
For that matter, since we're not talking about ADSP, what do you mean by
an absent signature? Do you track which domains sign what mail? How do
you tell what signature you're expecting? From line domain? Sender?
Message ID? Something in the Received lines?
The specific cases (which are non-ADSP) that I'm aware of use the body From as
a key.
Scott K
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html