ops.lists at gmail.com
Wed Feb 19 04:44:25 UTC 2014
I would not advise that. Plenty of things can render a dkim sig invalid.
Not all of them are evidences of malice.
You might be well advised to check for a DMARC record (which asserts policy
using a combination of DKIM and SPF) and if there's a reject there, feel
free to trash the email if there's a validation failure. But not simply
because a DKIM signature breaks.
On Tuesday, February 18, 2014, Private Sender <nobody at snovc.com> wrote:
> Spamassassin knows the dkim signature is invalid, so there must be a dns
> query that occurs at this point in the message processing.
> If that is the case, there must be someway to configure to reject if the
> dkim signature is invalid.
More information about the NANOG