ietf-dkim

Re: [ietf-dkim] 8bit downgrades

2011-05-24 10:43:43
On 5/24/11 1:30 PM, Ian Eiloart wrote:
> On 23 May 2011, at 23:09, Rolf E. Sonneveld wrote:
>
>> On 5/23/11 6:35 PM, John R. Levine wrote:
>>>> In the real world signature reliability matters. If a domain signs mail
>>>> as a rule then an absent or broken signature will be treated as
>>>> suspicious.
>>> I hope you're wrong, since that violates an explicit SHOULD in RFC 4871,
>>> and in my experience, most broken signatures are due to innocent
>>> modification in transit, not malice.
>>>
>>> Do you have numbers to show that broken signatures indicate that messages
>>> are malicious, or spam, or otherwise worse than otherwise?
>> SpamAssassin assigns a score of something like 0.1 for a message
>> carrying a DKIM signature and compensates that with -0.1 if the
>> signature can be verified to be correct. Effectively, this means SA is
>> penalizing broken signatures...
> Barely. That's 0.1 on a default threshold of 5.0, I think.

Granted, it's a small penalty, yet it's a penalty. And also (to get back 
to John's question) it doesn't mean that [...] a broken signature 
indicates that messages are malicious, or spam [...]. It just means that 
in the real world there are systems, even widely used systems, which 
by default do not treat messages with a broken signature the same as if 
the message had no signature at all.

/rolf
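Added illustration (not part of the thread, and not code from any of the participants): a stdlib-only Python sketch of the body-hash side of what John and Rolf are discussing. It applies RFC 6376 "simple" and "relaxed" body canonicalization to a constructed 8-bit message body, once after an innocent whitespace rewrite by a relay and once after the kind of 8bit-to-quoted-printable downgrade the subject line refers to, and reports which signatures would still verify. The body and the two modified copies are constructed inputs; the score() function mirrors Rolf's description of SpamAssassin's defaults as given in the thread and is not SpamAssassin's actual rule set.

```python
"""Body-hash side of DKIM signature breakage, stdlib only (added example).

Constructed inputs only. Canonicalization follows RFC 6376 section 3.4.3
(simple) and 3.4.4 (relaxed). score() mirrors how Rolf describes
SpamAssassin's defaults in the thread; it is NOT SpamAssassin's rule set.
"""
import base64
import hashlib
import quopri
import re


def simple_body_canon(body: bytes) -> bytes:
    """RFC 6376 'simple' body canonicalization: drop trailing empty lines and
    end the body with exactly one CRLF (an empty body becomes a lone CRLF)."""
    body = body.replace(b"\r\n", b"\n").rstrip(b"\n")
    return body.replace(b"\n", b"\r\n") + b"\r\n"


def relaxed_body_canon(body: bytes) -> bytes:
    """RFC 6376 'relaxed' body canonicalization: collapse runs of SP/TAB to one
    SP, strip trailing whitespace on every line, drop trailing empty lines and
    terminate a non-empty body with CRLF (an empty body stays empty)."""
    lines = []
    for line in body.replace(b"\r\n", b"\n").split(b"\n"):
        lines.append(re.sub(rb"[ \t]+", b" ", line).rstrip(b" \t"))
    while lines and lines[-1] == b"":
        lines.pop()
    if not lines:
        return b""
    return b"\r\n".join(lines) + b"\r\n"


def body_hash(body: bytes, canon) -> str:
    """The bh= value a signer emits for this body under the given
    canonicalization (rsa-sha256: base64 of the SHA-256 digest)."""
    return base64.b64encode(hashlib.sha256(canon(body)).digest()).decode("ascii")


def bh_simple(body: bytes) -> str:
    return body_hash(body, simple_body_canon)


def bh_relaxed(body: bytes) -> str:
    return body_hash(body, relaxed_body_canon)


def survives_transit(original: bytes, modified: bytes, canon) -> bool:
    """True if a verifier still computes the signer's bh= after the change."""
    return body_hash(original, canon) == body_hash(modified, canon)


def score(signed: bool, verified: bool) -> float:
    """Net score under the defaults Rolf describes: +0.1 for carrying a
    signature, -0.1 if it verifies. Broken => 0.1, valid => 0.0, none => 0.0."""
    total = 0.0
    if signed:
        total += 0.1
        if verified:
            total -= 0.1
    return total


# Constructed 8-bit body (UTF-8 "Grüße aus Köln"), with tabs and trailing
# whitespace that a downstream MTA might well rewrite.
ORIGINAL_BODY = b"Gr\xc3\xbc\xc3\x9fe aus K\xc3\xb6ln,\t\tRolf   \r\n\r\n"

# Innocent change 1 (constructed): a relay normalises whitespace and line endings.
WHITESPACE_REWRITTEN = b"Gr\xc3\xbc\xc3\x9fe aus K\xc3\xb6ln, Rolf\n"

# Innocent change 2 (constructed): 8bit -> quoted-printable downgrade at a 7-bit hop.
QP_DOWNGRADED = quopri.encodestring(ORIGINAL_BODY)


def transit_report() -> dict:
    """Which canonicalization survives which in-transit modification."""
    return {
        "whitespace/simple": survives_transit(ORIGINAL_BODY, WHITESPACE_REWRITTEN, simple_body_canon),
        "whitespace/relaxed": survives_transit(ORIGINAL_BODY, WHITESPACE_REWRITTEN, relaxed_body_canon),
        "qp-downgrade/simple": survives_transit(ORIGINAL_BODY, QP_DOWNGRADED, simple_body_canon),
        "qp-downgrade/relaxed": survives_transit(ORIGINAL_BODY, QP_DOWNGRADED, relaxed_body_canon),
    }


if __name__ == "__main__":
    for change, ok in transit_report().items():
        print(f"{change:22s} body hash {'intact' if ok else 'BROKEN'}")
    for signed, verified in ((False, False), (True, True), (True, False)):
        print(f"signed={signed!s:5} verified={verified!s:5} score={score(signed, verified):+.1f}")
```

The whitespace rewrite only breaks the signature under simple canonicalization, which is why relaxed (c=relaxed/relaxed) is the usual choice; the quoted-printable downgrade changes the body bytes themselves, so no body canonicalization survives it, which is the class of innocent breakage John refers to. The last loop shows Rolf's point in numbers: an unsigned message and a validly signed one both net 0.0, while a broken signature nets 0.1.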
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html