Re: [spf-discuss] SPF, DKIM, and NIH
2009-10-13 07:42:43
David MacQuigg wrote:
Ian Eiloart wrote:
If SPF fails, then look for a DKIM signature. If you get a good one,
you're likely seeing traditional forwarding.
Or forwarding by a crook. What prevents a spammer from sending a
billion ads for Viagra, all with a valid DKIM signature from a reputable
domain? All it takes is one signed message. The rest can be copies,
"forwarded" via a botnet.
The fundamental advantage of signature-based authentication (arbitrary
forwarding) is a fundamental disadvantage when the forwarder is a
crook. Signatures protect only that which is signed, i.e. the body and
a few specifically selected headers. There is *no other assurance* in a
signature. Show that Viagra ad to the original signer, and he will say
"Yup, that's our signature. We sign 500,000 messages per day. We have
per-account rate limits. We even run spam filters on new accounts.
What else do you expect us to do? "
Nice one, David! I've tried to convert it into a shorter version in
http://en.wikipedia.org/wiki/DomainKeys_Identified_Mail#Arbitrary_forwarding
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [spf-discuss] SPF, DKIM, and NIH, (continued)
- Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
- Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann
- Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
- Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann
- Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
- Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann
- Re: [spf-discuss] SPF, DKIM, and NIH, Stuart D. Gathman
- Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg
- Re: [spf-discuss] SPF, DKIM, and NIH,
Alessandro Vesely <=
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, Stuart D. Gathman
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, Stuart D. Gathman
- Re: [spf-discuss] SPF, DKIM, and NIH, Alessandro Vesely
- Re: [spf-discuss] SPF, DKIM, and NIH, alan
- Re: [spf-discuss] SPF, DKIM, and NIH, Alessandro Vesely
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, Stuart D. Gathman
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
|
Previous by Date: |
Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart |
Next by Date: |
Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart |
Previous by Thread: |
Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg |
Next by Thread: |
Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart |
Indexes: |
[Date]
[Thread]
[Top]
[All Lists] |
|
|