Incoming SMTP in the year 2017 and absence of DKIM
Grant Taylor
gtaylor at tnetconsulting.net
Wed Nov 29 20:48:25 UTC 2017
On 11/29/2017 01:35 PM, Blake Hudson wrote:
> Where DKIM/SPF really help is when there's a failure that indicates a
> message has been spoofed.

There are other legitimate things that can break DKIM signatures. I
have personally seen changes in content type encoding break a DKIM
signature.

The message was perfectly valid, and only failed DKIM signature validation.

> This is a good indication of phishing and is a
> justified reason to reject or quarantine a message in the interest of
> your employees or subscribers.

As much as I would like to be able to safely reject on DKIM Signature
validation failure, I don't think that it is safe to do so.

> Sometimes these will be config errors,
> but I feel confident telling the sender to take config issues up with
> their service provider.

Hopefully this will bring the perceived problem to someone's attention
who can hypothetically do something to correct it.

--
Grant. . . .
unix || die
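
The encoding failure mode described in the message above, as an added example that is not part of the original post: it computes the DKIM body hash (the `bh=` value) before and after a relay re-encodes an 8bit body as quoted-printable. It assumes `c=relaxed` body canonicalization and SHA-256 as defined in RFC 6376; the function names and the sample body are constructed for illustration.

```python
import base64
import hashlib
import quopri
import re


def relaxed_body(body: bytes) -> bytes:
    """RFC 6376 section 3.4.4 'relaxed' body canonicalization."""
    # Collapse runs of whitespace to one space, drop whitespace at end of line.
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ")
             for ln in body.split(b"\r\n")]
    while lines and lines[-1] == b"":  # ignore empty lines at end of body
        lines.pop()
    return b"".join(ln + b"\r\n" for ln in lines)


def body_hash(body: bytes) -> str:
    """Value a verifier compares with the signature's bh= tag (SHA-256 assumed)."""
    digest = hashlib.sha256(relaxed_body(body)).digest()
    return base64.b64encode(digest).decode()


def to_quoted_printable(body: bytes) -> bytes:
    """Re-encode line by line, as a relay downgrading 8bit content would."""
    return b"\r\n".join(quopri.encodestring(ln) for ln in body.split(b"\r\n"))


def from_quoted_printable(body: bytes) -> bytes:
    """Decode line by line, as the recipient's mail client would."""
    return b"\r\n".join(quopri.decodestring(ln) for ln in body.split(b"\r\n"))


# Constructed sample: the body as signed (8bit UTF-8) and as delivered.
ORIGINAL = "Café invoice attached.\r\nTotal: 100 €\r\n".encode("utf-8")
REENCODED = to_quoted_printable(ORIGINAL)

if __name__ == "__main__":
    print("signed    bh =", body_hash(ORIGINAL))
    print("delivered bh =", body_hash(REENCODED))
    print("same text after decoding:",
          from_quoted_printable(REENCODED) == ORIGINAL)
    # Relaxed canonicalization only forgives whitespace changes.
    print("whitespace-only change keeps bh:",
          body_hash(b"a  b \r\n\r\n") == body_hash(b"a b\r\n"))
```

The verifier hashes the bytes on the wire, not the decoded text, so the two `bh` values differ even though the recipient sees identical content.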