On 23 May 2011, at 23:09, Rolf E. Sonneveld wrote:

> On 5/23/11 6:35 PM, John R. Levine wrote:
>
>>> In the real world signature reliability matters. If a domain signs mail
>>> as a rule then an absent or broken signature will be treated as
>>> suspicious.
>>
>> I hope you're wrong, since that violates an explicit SHOULD in RFC 4871,
>> and in my experience, most broken signatures are due to innocent
>> modification in transit, not malice.
>>
>> Do you have numbers to show that broken signatures indicate that messages
>> are malicious, or spam, or otherwise worse than otherwise?
>
> SpamAssassin assigns a score of something like 0.1 for a message
> carrying a DKIM signature and compensates that with -0.1 if the
> signature can be verified to be correct. Effectively, this means SA is
> penalizing broken signatures...

Barely. That's 0.1 on a default threshold of 5.0, I think.

> /rolf
>
> _______________________________________________
> NOTE WELL: This list operates according to
> http://mipassoc.org/dkim/ietf-list-rules.html
--
Ian Eiloart
Postmaster, University of Sussex
+44 (0) 1273 87-3148
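The point about broken signatures coming from innocent modification in transit can be made concrete. The following is an added example, not code from this thread, from SpamAssassin or from any DKIM library: it reproduces only the DKIM body-hash step (the bh= value of RFC 6376) under the two body canonicalization algorithms, "simple" and "relaxed", and applies it to constructed message bodies to show which in-transit changes a verifier would tolerate. The sample bodies and the two kinds of modification are assumptions made for the example; the footer text is copied from the list footer in this thread.

```python
import base64
import hashlib
import re

# Added example (not code from the thread). It reproduces only the body-hash
# step of DKIM (the "bh=" value, RFC 6376) with the two body canonicalization
# algorithms, to show which in-transit changes break it. The message bodies
# below are constructed for the example.


def simple_body(body: bytes) -> bytes:
    """RFC 6376 3.4.3 'simple' body canonicalization: drop empty lines at
    the end of the body and make sure it ends with exactly one CRLF."""
    return re.sub(rb"(\r\n)*\Z", b"\r\n", body, count=1)


def relaxed_body(body: bytes) -> bytes:
    """RFC 6376 3.4.4 'relaxed' body canonicalization: strip trailing
    whitespace on every line, collapse runs of SP/TAB to a single SP, then
    apply the same trailing-empty-line rule as 'simple' (an empty body
    canonicalizes to the empty string, not to CRLF)."""
    body = re.sub(rb"[ \t]+(?=\r\n|\Z)", b"", body)
    body = re.sub(rb"[ \t]+", b" ", body)
    body = re.sub(rb"(\r\n)*\Z", b"\r\n", body, count=1)
    return b"" if body == b"\r\n" else body


CANON = {"simple": simple_body, "relaxed": relaxed_body}


def body_hash(body: bytes, canon: str) -> str:
    """Base64 SHA-256 body hash, the value a signer places in bh=."""
    digest = hashlib.sha256(CANON[canon](body)).digest()
    return base64.b64encode(digest).decode("ascii")


def body_hash_matches(signed_body: bytes, received_body: bytes, canon: str) -> bool:
    """True if a verifier recomputing bh= over the received body obtains the
    value the signer computed over the original body."""
    return body_hash(signed_body, canon) == body_hash(received_body, canon)


# Constructed sample: the body as signed at the origin ...
ORIGINAL = b"Hello,\r\n\r\nPlease  review the  draft.\r\n-- \r\nAlice\r\n"

# ... the same body after a relay collapsed double spaces, added trailing
# blanks and extra blank lines (a typical innocent modification) ...
WHITESPACE_CHANGED = (
    b"Hello,\r\n\r\nPlease review the draft.   \r\n-- \r\nAlice\r\n\r\n\r\n"
)

# ... and the same body after a mailing list appended its footer.
FOOTER_APPENDED = ORIGINAL + (
    b"_______________________________________________\r\n"
    b"NOTE WELL: This list operates according to\r\n"
    b"http://mipassoc.org/dkim/ietf-list-rules.html\r\n"
)

if __name__ == "__main__":
    for name, received in (("whitespace", WHITESPACE_CHANGED),
                           ("list footer", FOOTER_APPENDED)):
        for canon in ("simple", "relaxed"):
            ok = body_hash_matches(ORIGINAL, received, canon)
            print(f"{name:12s} c=*/{canon:8s} body hash "
                  f"{'intact' if ok else 'BROKEN'}")
```

Run stand-alone, it shows that relaxed canonicalization survives the whitespace rewrap while simple does not, and that an appended list footer breaks the body hash under both, which is why list traffic such as this thread's so often arrives with a DKIM signature that no longer verifies. RFC 6376 does define an optional l= tag that limits the signed body length so trailing additions are ignored, but that also lets anyone append unsigned content under the signature, so it is generally left unused.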