bill.ox...@cox.com wrote: > 50% of the spam we see is RFC compliant DKIM signed, DKIM isnt the issue in > your example its the operator and how they determine reputation
Please read what was said. No Signature, Double From ---> Trapped/rejected by mipassoc.org DKIM signed Double From ----> Accepted, Resigned by mipassoc.org If mipassoc.org is going to an "example" of many systems, then we have a unfortunate problem until current systems are updated to prevent the DKIM loophole for what is otherwise RFC5322 checking systems. What it means for most systems that they need to change a model based on this: CHECK DKIM ---- PASS --> ACCEPT CHECK RFC5322 ---- BAD --> REJECT BREAK RESIGN DISTRIBUTE To this: CHECK RFC5322 ---- BAD --> REJECT CHECK DKIM ---- PASS --> ACCEPT BREAK RESIGN DISTRIBUTE -- Hector Santos, CTO http://www.santronics.com http://santronics.blogspot.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html