Hi Arvel,
At 12:56 24-08-2005, Arvel Hathcock wrote:
I agree. At present, the mere existance of a valid signature does
not get you much in my MTA (a slightly positive value added to the
spam filter score is about it and this probably isn't a good
idea). However, just seeking off-topic advice here before I do it,
would it be good or bad to run the IP of the signing domain through
the existing IP-based RBLs? I would like to code for that today so
I'm selfishly seeking some advice
As you and other people said, it isn't a good idea to adding a
positive value for the spam filter score based on the existence of a
valid signature. One might consider running the IP address of the
signing domain through an existing RBL service. That brings us back
to IP-based blocking.
You could have a RWL (whitelist) to verify the signing domain before
assigning a positive value to your score. This would be domain
based. One of the advantages of a domain-based approach is that you
don't have to track IP address changes. Your customers might prefer
to have their own list instead of using a lookup service operated by
a third party.
Regards,
-sm
_______________________________________________
ietf-dkim mailing list
http://dkim.org