50% of the spam we see is RFC-compliant, DKIM-signed. DKIM isn't the issue in 
your example; it's the operator and how they determine reputation.
On Oct 11, 2010, at 9:23 PM, Hector Santos wrote:

> Dave CROCKER wrote:
>> 
>> On 10/11/2010 3:05 PM, Wietse Venema wrote:
>>> If you believe that sending mail with a valid bad guy signature is
>>> an interesting attack on DKIM, then that implies that you're willing
>>> to believe mail that is signed by arbitrary strangers.
>> 
>> 
>> Well...
>> 
>> But it's not an attack on DKIM.
>> 
>> It's not really an 'attack' on anything, but the most one could claim is that 
>> it's an attack on the recipient's reputation data base, or failure to use one.
>> 
>> The DKIM part is used correctly and works fine.  So there's no 'attack'.
> 
> That's "poster framing" material.
> 
> I sure hope you are right.  After all, President Obama did get by your 
> defenses on your list.
> 
>   No Signature, Double From ---> Trapped/rejected by mipassoc.org
>   DKIM signed Double From  ----> Accepted, Resigned by mipassoc.org
> 
> So without DKIM, 100% RFC5322 compliant - trapped multiple 5322.From 
> headers.  With DKIM, there is a loophole.  Go figure.
> 
> Let's hope this DKIM exploit does not become commonplace and surprises 
> a bunch of layman operators.  At that point, you can say you were aware 
> about it.
> 
> -- 
> Hector Santos, CTO
> http://www.santronics.com
> http://santronics.blogspot.com
> 
> 
> _______________________________________________
> NOTE WELL: This list operates according to 
> http://mipassoc.org/dkim/ietf-list-rules.html


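Added example, not from the thread or any of its posters: a receiver-side check for the "double From" case above. It enforces the RFC 5322 single-From rule before any DKIM result is consulted, and reports whether the signature's h= tag oversigns From (listing it twice, as RFC 6376 section 8.15 recommends) so that an added From would break the signature. The sample messages are constructed; the bh= and b= values are placeholders, since signature verification itself is not the point here.

```python
import email

def count_header(msg, name):
    """Occurrences of a header field name (case-insensitive)."""
    return len(msg.get_all(name) or [])

def dkim_tags(msg):
    """First DKIM-Signature as a tag=value dict (RFC 6376 tag-list syntax)."""
    raw = msg.get("DKIM-Signature")
    tags = {}
    for item in (raw or "").split(";"):
        name, sep, value = item.partition("=")
        if sep:
            tags[name.strip().lower()] = "".join(value.split())  # drop folding whitespace
    return tags

def signed_headers(msg):
    """Header names from the h= tag, lowercased, duplicates kept."""
    return [h.lower() for h in dkim_tags(msg).get("h", "").split(":") if h]

def check_from(raw_message):
    """Return (verdict, reason); runs before and independently of DKIM verification."""
    msg = email.message_from_string(raw_message)
    n_from = count_header(msg, "From")
    if n_from != 1:
        return "reject", "RFC 5322 requires exactly one From; found %d" % n_from
    h = signed_headers(msg)
    if not h:
        return "unsigned", "no DKIM-Signature; reputation must come from elsewhere"
    if "from" not in h:
        return "reject", "DKIM h= does not cover From, which RFC 6376 requires"
    if h.count("from") >= 2:
        return "ok", "From is oversigned in h=; a second From would break the signature"
    # The verifier hashes the last From instance, so one prepended above it still verifies.
    return "ok", "From signed once; a second From prepended above it would still verify"

# Constructed sample messages; bh= and b= are placeholders, not real signature data.
BASE = "To: list@example.net\nSubject: hello\nDate: Mon, 11 Oct 2010 15:05:00 -0400\n\nbody\n"
SIG = "DKIM-Signature: v=1; a=rsa-sha256; d=example.org; s=sel;\n\th=%s; bh=PLACEHOLDER; b=PLACEHOLDER\n"
ALICE = "From: Alice <alice@example.org>\n"
ONE_FROM = SIG % "from:to:subject:date" + ALICE + BASE
DOUBLE_FROM = "From: Someone Else <other@example.com>\n" + ONE_FROM
OVERSIGNED = SIG % "from:from:to:subject:date" + ALICE + BASE
UNSIGNED = ALICE + BASE

if __name__ == "__main__":
    for label, raw in [("one From", ONE_FROM), ("double From", DOUBLE_FROM),
                       ("oversigned", OVERSIGNED), ("unsigned", UNSIGNED)]:
        print(label, "->", check_from(raw))
```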