[dkim-ops] Checking for SPF & DKIM Checks

Byung-Hee HWANG bh at izb.knu.ac.kr
Sun Nov 9 14:34:59 PST 2008

Hash: SHA1

Matus UHLAR - fantomas wrote:
>> mouss wrote:
>>> Byung-Hee HWANG wrote:
>>>> mouss wrote:
>>>> [...]
>>>>> let's start with DKIM.
>>>>> do you have
>>>>> loadplugin Mail::SpamAssassin::Plugin::DKIM
>>>> + i'm use with following rule ;;
>>>> score DKIM_VERIFIED    -45.3
>>> then you won't catch spam relayed by yahoo, ... etc.
> On 10.11.08 04:11, Byung-Hee HWANG wrote:
>> Well, i don't care. I accept the emails passed by DKIM, anyway..
> so you intentionally create false negatives just because they are DKIM
> signed?

My answer is "Yes" if i should say. Because of the spam case is the
concern of the hosting, not DKIM. Yahoo and Google are trying for the
such spam case.

Let's get serious. If you had reading specs of RFC4408 and RFC4871, you
know the role of both SPF and DKIM. Exactly both SPF and DKIM are tools
for anti-pishing, not anti-spam (at here i defined the term "SPAM" as
"UCE"). Sometimes we received the spam passed DKIM from Yahoo and
Google. However. We have no way to stop the such spam in this time.
Because stopping the such spam is not DKIM's scope.

So what we says "DKIM is bad" is wasting times for the spam passed DKIM
from Yahoo and Google. As same step, we cannot say "SPF is bad". We need
to talk more about this issue.

Version: GnuPG v1.4.0 (FreeBSD)


More information about the dkim-ops mailing list