Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles
2021-05-25 21:12:19
Dave Crocker writes:
Actually, no, that's not what I said. Bad actors are always the first to
adopt the newest anti-spam technologies, to abuse those unfortunates who
interpret DKIM the way you described.
DKIM establishes a clean (noise-free) channel from the signer, which means
that any assessment about them really is about them. If they are bad
actors, that is a lot easier to assess, as is if they are good actors.
Ah, but the first paragraph's the rub. That's why I saw DKIM-Signature: as a
spam indicator: the bad actors' initial take-up of DKIM-Signature: was quite
noticable.
That was definitely true at one point. Based on today's numbers that I
looked at the mainstream adoption of DKIM sadly diluted its early value as a
spam indicator, ironically.
But nearly all other spam, the kind that I do have a major problem with, the
specific type that I'm bitching about, nearly all of it carries a DKIM-
Siganture: field. I only found very, very few exceptions to that.
For those assessed as bad actors, was any of their mail mixed in with mail
from a different signer who was assessed to be a good actor?
My sample wasn't large enough for that. I have no recollection of seeing
this; except I have a dim recollection of receiving something non-spam from
Sendgrid a very, very long time ago, before I wrote them off as damaged
goods.
Interestingly enough, while researching this response, I found a copy of a
sendgrid-sourced spam from December 2020, from a previously unknown (to me)
IP address range (it was spamming an SMS-spam service). It did not have a
DKIM/DMARC signature of any kind. Nothing from Sendgrid since then until
today, when Sendgrid attempted to spam one of my Sourceforge mailing lists,
with a monstrous DKIM-signed spam in Spanish.
So, looks like Sedngrid is
Now, to John's point, that DKIM alone is not indicative of reputation, that
it only serves to ascertain identity, and with that out of the way you can
now evaluate the proven identity's reputation. Well, the problem with that
is twofold:
1) There are no known (at least to me) established reputation providers. And
even if there are some that claim to be, history teaches that they don't
really accomplish much.
Gosh, you mean that each evaluator needs to formulate their own criteria,
about a complex, fuzzy topic? Yup!
2) So you're left with building and maintaining your own reputation database.
That seems like a lot of work to me.
It is. Sad reality. Lot of criminals on the streets make safe navigation
challenging. Most people need to outsource their safety efforts.
You can't really have both. Either you "formulate your own criteria", or
you'll outsource your spam filtering.
pgpgeLLPi4wqq.pgp
Description: PGP signature
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [ietf-smtp] Email explained from first principles, (continued)
- Re: [ietf-smtp] Email explained from first principles, John Levine
- Re: [ietf-smtp] Email explained from first principles, Sam Varshavchik
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, John Levine
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Dave Crocker
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Sam Varshavchik
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, John Levine
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Sam Varshavchik
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Dave Crocker
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Sam Varshavchik
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Dave Crocker
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles,
Sam Varshavchik <=
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Dave Crocker
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Sam Varshavchik
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Dave Crocker
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, John Levine
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Sam Varshavchik
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Nathaniel Borenstein
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, John C Klensin
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Matthias Leisi
- Re: [ietf-smtp] Email explained from first principles, Dave Crocker
- Re: [ietf-smtp] Email explained from first principles, John R Levine
|
|
|