[dkim-ops] Bogus DKIM signatures?
SM
sm at resistor.net
Tue Jun 2 22:56:17 PDT 2009
Hi Jim,
At 21:12 02-06-2009, Jim Fenton wrote:
>I heard two reports today of DKIM-signed spam being received by GMail
>users, and got a sample from one of them. The message, from an IP
>address in Romania, had an obviously-doctored DKIM signature. They took
>a yahoo.com signature from late April and changed the d= to mahoo.dom .
>Same with the DK signature.
I have seen cases where people take a DKIM signature, change some of
the contents and add the modified DKIM signature to another
message. I forgot whether that also happened for DK signatures.
>Anyone else seeing anything like this? I'm wondering why they think
>this might be a useful thing to do.
Because Gmail accepts your message if it contains a DKIM header.
:-) That's what some people seem to think anyway.
Regards,
-sm
More information about the dkim-ops
mailing list